blackmatter | a6903580ab0f4f6e41778b8d20c663b56436ae1dda08a241f3ac22ad329870fb | Triage

Sharing

General

Target

a6903580ab0f4f6e41778b8d20c663b56436ae1dda08a241f3ac22ad329870fb
Size

96KB
Sample

220124-awyj1aggcn
MD5

d7f93757123c79564b540e59ed188974
SHA1

723e3879bae0772badef7b058db64dc947a5d8ba
SHA256

a6903580ab0f4f6e41778b8d20c663b56436ae1dda08a241f3ac22ad329870fb
SHA512

13ca67a8ba4286cc00d8e57deadf39b0de49f8829f28ac13893eb094664c94586d5772da675d016f4d6041927163433b58a93c97babc9ddb5e44b8dbf735db8f

Score

10^/10

blackmatter e4aaffc36f5d5b7d597455eb6d497df5

Malware Config

Extracted

Family

blackmatter

Version

2.0

Botnet

e4aaffc36f5d5b7d597455eb6d497df5

Credentials

Username:
[email protected]
Password:
BBis#1ec

Username:
[email protected]
Password:
k8DbBSZYWWnr0QqrILoo

Username:
[email protected]
Password:
Smokie@CF

C2

https://mojobiden.com

http://mojobiden.com

https://nowautomation.com

http://nowautomation.com

Attributes

attempt_auth
true
create_mutex
true
encrypt_network_shares
true
exfiltrate
true
mount_volumes
true

rsa_pubkey.base64

aes.base64

Targets

- Target
  
  a6903580ab0f4f6e41778b8d20c663b56436ae1dda08a241f3ac22ad329870fb
- Size
  
  96KB
- MD5
  
  d7f93757123c79564b540e59ed188974
- SHA1
  
  723e3879bae0772badef7b058db64dc947a5d8ba
- SHA256
  
  a6903580ab0f4f6e41778b8d20c663b56436ae1dda08a241f3ac22ad329870fb
- SHA512
  
  13ca67a8ba4286cc00d8e57deadf39b0de49f8829f28ac13893eb094664c94586d5772da675d016f4d6041927163433b58a93c97babc9ddb5e44b8dbf735db8f
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

e4aaffc36f5d5b7d597455eb6d497df5blackmatter

behavioral1

behavioral2