blackmatter | BlackMatter[.]7a223a0aa0f88e84a68da[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

BlackMatte...da.exe

windows7-x64

BlackMatte...da.exe

windows10-2004-x64

Sharing

Static task

static1

0361b6a1f37016ed147e7617a3c08300 blackmatter

1 signatures

Behavioral task

behavioral1

Sample

BlackMatter.7a223a0aa0f88e84a68da.exe

Resource

win7-20220901-en

blackmatter ransomware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

BlackMatter.7a223a0aa0f88e84a68da.exe

Resource

win10v2004-20221111-en

blackmatter ransomware

windows10-2004-x64

9 signatures

150 seconds

General

Target

BlackMatter.7a223a0aa0f88e84a68da.exe
Size

95KB
MD5

930b9c1792a539acdb051af34de91060
SHA1

2cda394db71fc67905e31d9e8f4b88ef85a248dc
SHA256

7a223a0aa0f88e84a68da6cde7f7f5c3bb2890049b0bf3269230d87d2b027296
SHA512

9bd26a83d30f69ab7d9dfbe9c3b81c8fd2381f331ce139140646932cf09b461f177c4eb236cd2194d190c50598ac3de0023cfe38e843b08bbe2f120e790ee3f1
SSDEEP

1536:SUICS4ADkFAztzRyxoWtBErqylVxn1GZnKoEcXb/50Qtef0:sBkwtdyxoUH4BYnKobfw

Score

10^/10

0361b6a1f37016ed147e7617a3c08300 blackmatter

Malware Config

Extracted

Family

blackmatter

Version

3.0

Botnet

0361b6a1f37016ed147e7617a3c08300

Attributes

attempt_auth
false
create_mutex
true
encrypt_network_shares
true
exfiltrate
false
mount_volumes
true

rsa_pubkey.base64

aes.base64

Signatures

Blackmatter family
blackmatter

Files

BlackMatter.7a223a0aa0f88e84a68da.exe
.exe windows x86

b5f7572a69026027aaf438fad3024477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
SetPixel
SelectObject
CreateSolidBrush

user32

LoadMenuW
GetWindowTextW
GetDlgItem
DefWindowProcW
CreateMenu
GetKeyNameTextW
LoadImageW

kernel32

GetLastError
LoadLibraryW
LoadLibraryExA
GetTickCount
GetProcAddress
GetDateFormatW
FreeLibrary
FormatMessageW
GetModuleHandleA

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy