Resubmissions

08-07-2022 13:22

220708-ql7ypacgfn 10

29-11-2021 17:04

211129-vlj9vafeb7 10

05-10-2021 12:34

211005-prwl6shgb4 10

General

  • Target

    668a4a2300f36c9df0f7307cc614be3297f036fa312a424765cdb2c169187fe6

  • Size

    34KB

  • MD5

    6f5c77478795ff7fb9700ed50b334429

  • SHA1

    6803d62254edf3bdd3bc523422ff98e6120b6e5b

  • SHA256

    668a4a2300f36c9df0f7307cc614be3297f036fa312a424765cdb2c169187fe6

  • SHA512

    40e4ffd227443003e0506f8d1fbfbacde54f9bfb5fa6908f05e134ee25217d3c3907d7c981107d642c071063b57253b4727fb6a211d7698a7a9bae2d8beede5f

  • SSDEEP

    768:e5geEbf2rriFVI1kggGVtSMC2F7QGIFFBMterI6ywBuO1s:7E+VYVYMC2F7AoterI6yR2

Malware Config

Extracted

Family

blackmatter

Version

1.2

Botnet

bab21ee475b52c0c9eb47d23ec9ba1d1

C2

https://paymenthacks.com

http://paymenthacks.com

https://mojobiden.com

http://mojobiden.com

Attributes
  • attempt_auth

    false

  • create_mutex

    true

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

rsa_pubkey.base64
aes.base64

Signatures

  • Blackmatter family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 668a4a2300f36c9df0f7307cc614be3297f036fa312a424765cdb2c169187fe6
    .exe windows x86

  • out.upx
    .exe windows x86