General

  • Target

    1125542c8a973c1f614465f0a7c7c8ebeb2dc151c5d4876bfff7cdca7fd2b15e

  • Size

    34KB

  • MD5

    51b4be24023ebefe831c4ce0b19b31c9

  • SHA1

    b219ad9d3cf559b07ef7fd1ffa6e1dd0fc3f9deb

  • SHA256

    1125542c8a973c1f614465f0a7c7c8ebeb2dc151c5d4876bfff7cdca7fd2b15e

  • SHA512

    2e6accb1d4316857aef2f6346a668e472286065bc6325aeb8d6ce6ce591d85456ac336e74d6e38fe7e6089767d4d78a9effeea5735f8d643cb0db0614183291a

  • SSDEEP

    768:0TgeEbf2rriFVI1kggGVtSMC2F7QGIFFBMterI6ywBuO1Yp:LE+VYVYMC2F7AoterI6yR2O

Malware Config

Extracted

  • Family

    blackmatter

  • Version

    1.2

  • Botnet

    bab21ee475b52c0c9eb47d23ec9ba1d1

  • C2

    https://paymenthacks.com
    http://paymenthacks.com
    https://mojobiden.com
    http://mojobiden.com

Attributes

  • attempt_auth

    false

  • create_mutex

    true

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

  • rsa_pubkey.base64

  • aes.base64

Signatures

  • Blackmatter family
  • UPX packed file (1 IoC)

    Detects executables packed with the UPX or a modified UPX open-source packer.

Files

  • 1125542c8a973c1f614465f0a7c7c8ebeb2dc151c5d4876bfff7cdca7fd2b15e
    .exe windows x86

  • out.upx
    .exe windows x86