General

  • Target

    1dd464cbb3fbd6881eef3f05b8b1fbd5

  • Size

    72KB

  • MD5

    1dd464cbb3fbd6881eef3f05b8b1fbd5

  • SHA1

    cafd8d20f2abaebbbfc367b4b4512107362f3758

  • SHA256

    b824bbc645f15e213b4cb2628f7d383e9e37282059b03f6fe60f7c84ea1fed1f

  • SHA512

    1564fffe28c2b7c2b18c35d68e3e254106620b2c3b7b5f41b95cfbb3a2cf0d9c42616d670b4060d09129ff18f0148c03e00bbd205f9d10697b265109a43d053c

  • SSDEEP

    1536:yICS4AgxwhjEO3r825exqkHYnKeGsXqsMt:R2SN3mxYnKr

Malware Config

Extracted

Family

blackmatter

Version

1.6

Botnet

0c6ca0532355a106258791f50b66c153

Attributes
  • attempt_auth

    false

  • create_mutex

    false

  • encrypt_network_shares

    true

  • exfiltrate

    false

  • mount_volumes

    true

rsa_pubkey.base64
aes.base64

Signatures

  • Blackmatter family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1dd464cbb3fbd6881eef3f05b8b1fbd5
    .exe windows:5 windows x86 arch:x86

    96c0c982709316e2c58b11a3c2b057ce


    Headers

    Imports

    Sections