General

  • Target

    84af3f15701d259f3729d83beb15ca738028432c261353d1f9242469d791714f

  • Size

    67KB

  • MD5

    1019e0151d6c55eeecf06443fa6197c7

  • SHA1

    369445caaca7ba44bc684f9d9fd7651467ed5167

  • SHA256

    84af3f15701d259f3729d83beb15ca738028432c261353d1f9242469d791714f

  • SHA512

    7328cac56bce5a181bdaca079cd16c04dedb0f0201a40b0fcb6b0d7483440f99dc480b5d08bb295bc4c257bb16d88160e709ce8b76e2d2514080d05a82c7f6c8

  • SSDEEP

    1536:jzICS4AT6GxdEe+TOdincJXvKv8Zg3kl:8R7auJXSkZg3C

Malware Config

Extracted

Family

blackmatter

Version

1.2

Botnet

512478c08dada2af19e49808fbda5b0b

Credentials
  • Username:
    aheisler@hhcp.com
  • Password:
    120Heisler
  • Username:
    dsmith@hhcp.com
  • Password:
    Tesla2019
  • Username:
    administrator@hhcp.com
  • Password:
    iteam8**
C2

https://paymenthacks.com

http://paymenthacks.com

https://mojobiden.com

http://mojobiden.com

Attributes
  • attempt_auth

    true

  • create_mutex

    true

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

  • rsa_pubkey.base64

    (base64 blob; value not reproduced on this page)

  • aes.base64

    (base64 blob; value not reproduced on this page)
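The extracted config above gives a responder three things to hunt for immediately: the C2 domains, the three embedded hhcp.com accounts (with attempt_auth and encrypt_network_shares both true, authenticated network logons by these accounts are the thing to look for), and the botnet id. The following Python is an added example, not part of the sandbox report and not the extractor behind it: it copies the config values exactly as printed above into a dictionary, derives IOCs from them, and sweeps a few constructed Windows logon (4624/4625) and DNS log lines for hits. The key=value log format, the hostnames, the timestamps and the IP addresses are assumptions made for illustration.

```python
"""Turn the BlackMatter config shown in the report into IOCs and sweep logs for them.

Added example; not part of the sandbox report. Config values are copied from the
report's Malware Config section. The log lines are constructed for illustration.
"""
import re
from urllib.parse import urlparse

# Copied from the report (family, version, botnet, credentials, C2, attributes).
CONFIG = {
    "family": "blackmatter",
    "version": "1.2",
    "botnet": "512478c08dada2af19e49808fbda5b0b",
    "credentials": [
        {"username": "aheisler@hhcp.com", "password": "120Heisler"},
        {"username": "dsmith@hhcp.com", "password": "Tesla2019"},
        {"username": "administrator@hhcp.com", "password": "iteam8**"},
    ],
    "c2": [
        "https://paymenthacks.com",
        "http://paymenthacks.com",
        "https://mojobiden.com",
        "http://mojobiden.com",
    ],
    "attributes": {
        "attempt_auth": True,
        "create_mutex": True,
        "encrypt_network_shares": True,
        "exfiltrate": True,
        "mount_volumes": True,
    },
}

# Constructed sample log lines (assumed key=value export format, assumed hosts/IPs).
LOGS = [
    "2021-08-02T01:12:03Z host=FS01 EventID=4624 TargetUserName=dsmith LogonType=3 IpAddress=10.0.5.17",
    "2021-08-02T01:12:04Z host=FS01 EventID=4624 TargetUserName=administrator LogonType=3 IpAddress=10.0.5.17",
    "2021-08-02T01:12:09Z host=WS17 EventID=4625 TargetUserName=jdoe LogonType=2 IpAddress=-",
    "2021-08-02T01:13:30Z host=DNS01 query=mojobiden.com type=A client=10.0.5.17",
    "2021-08-02T01:13:31Z host=DNS01 query=update.microsoft.com type=A client=10.0.5.22",
]

KV_RE = re.compile(r"(\w+)=(\S+)")


def iocs_from_config(cfg):
    """Reduce the config to matchable indicators: C2 hostnames and account names."""
    domains = sorted({urlparse(u).hostname.lower() for u in cfg["c2"]})
    accounts = set()
    for cred in cfg["credentials"]:
        user, _, _domain = cred["username"].partition("@")
        accounts.add(user.lower())              # sAMAccountName form seen in 4624/4625
        accounts.add(cred["username"].lower())  # UPN form, in case logs carry it
    return {"domains": domains, "accounts": sorted(accounts)}


def parse_line(line):
    """Parse 'timestamp key=value key=value ...' into a dict (assumed format)."""
    fields = dict(KV_RE.findall(line))
    fields["ts"] = line.split(" ", 1)[0]
    return fields


def scan_logs(lines, iocs):
    """Return one hit per log line that uses an embedded account or resolves a C2 domain."""
    domains, accounts = set(iocs["domains"]), set(iocs["accounts"])
    hits = []
    for line in lines:
        f = parse_line(line)
        user = f.get("TargetUserName", "").lower()
        # attempt_auth is set, so failed logons (4625) with these accounts matter too.
        if f.get("EventID") in ("4624", "4625") and user in accounts:
            hits.append({"ts": f["ts"], "host": f["host"], "src": f.get("IpAddress"),
                         "kind": "embedded_credential_logon", "detail": user,
                         "network_logon": f.get("LogonType") == "3"})
        q = f.get("query", "").lower().rstrip(".")
        if q and any(q == d or q.endswith("." + d) for d in domains):
            hits.append({"ts": f["ts"], "host": f["host"], "src": f.get("client"),
                         "kind": "c2_dns_lookup", "detail": q, "network_logon": None})
    return hits


def suspected_sources(hits):
    """Source IPs seen doing both: using an embedded account and looking up a C2 domain."""
    by_src = {}
    for h in hits:
        by_src.setdefault(h["src"], set()).add(h["kind"])
    return sorted(src for src, kinds in by_src.items() if len(kinds) == 2)


if __name__ == "__main__":
    found = scan_logs(LOGS, iocs_from_config(CONFIG))
    for h in found:
        print(h)
    print("sources with credential use and C2 lookup:", suspected_sources(found))
```

Two practical points. First, the three hhcp.com accounts and passwords are published in this report, so they must be treated as compromised regardless of whether the sample ever used them; rotating them is the first action, hunting for their use is the second. Second, the scan matches 4625 as well as 4624 because attempt_auth is true: a burst of failed network logons by these accounts from one host is as telling as a success.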

Signatures

Files

  • 84af3f15701d259f3729d83beb15ca738028432c261353d1f9242469d791714f
    .exe windows x86

    c94b1566bf307396953c849ef18f9857
