blackmatter | 930b9c1792a539acdb051af34de91060[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

7a223a0aa0...96.exe

windows7-x64

7a223a0aa0...96.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

0361b6a1f37016ed147e7617a3c08300 blackmatter

1 signatures

Behavioral task

behavioral1

Sample

7a223a0aa0f88e84a68da6cde7f7f5c3bb2890049b0bf3269230d87d2b027296.exe

Resource

win7-20230220-en

blackmatter ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

7a223a0aa0f88e84a68da6cde7f7f5c3bb2890049b0bf3269230d87d2b027296.exe

Resource

win10v2004-20230220-en

blackmatter ransomware

windows10-2004-x64

10 signatures

150 seconds

General

Target

930b9c1792a539acdb051af34de91060.bin
Size

54KB
MD5

6620f12b53aebe795b100ca639cbba37
SHA1

a8fcda4c6214c3c06d60771d8f7530b308e33d78
SHA256

d9eba524d87f742cebb5cb5788f7ab38726184321f1998dcb28488d15fa3b348
SHA512

a5d6a92faca7dafd49192f4362657bacd30a8c596e1bbe19e8f8e06dffeff4afc2302a65e663eaf63e1c4b444e9b235b2d9512d67dbdc9715d448b2f8a481eda
SSDEEP

768:05TfI5m+fJc4YkGw9ivQU3Yred017otDvgpn3I0A3SF3Xh3gwEoGBA:8TgVB64iareW1xW6gFBA

Score

10^/10

0361b6a1f37016ed147e7617a3c08300 blackmatter

Malware Config

Extracted

Family

blackmatter

Version

3.0

Botnet

0361b6a1f37016ed147e7617a3c08300

Attributes

attempt_auth
false
create_mutex
true
encrypt_network_shares
true
exfiltrate
false
mount_volumes
true

rsa_pubkey.base64

aes.base64

Signatures

Blackmatter family
blackmatter

Files

930b9c1792a539acdb051af34de91060.bin
.zip

Password: infected
7a223a0aa0f88e84a68da6cde7f7f5c3bb2890049b0bf3269230d87d2b027296.exe
.exe windows x86

Password: infected

b5f7572a69026027aaf438fad3024477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
SetPixel
SelectObject
CreateSolidBrush

user32

LoadMenuW
GetWindowTextW
GetDlgItem
DefWindowProcW
CreateMenu
GetKeyNameTextW
LoadImageW

kernel32

GetLastError
LoadLibraryW
LoadLibraryExA
GetTickCount
GetProcAddress
GetDateFormatW
FreeLibrary
FormatMessageW
GetModuleHandleA

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy