Overview

overview

10

Static

static

10

ad260da314...a9.dll

windows7-x64

10

ad260da314...a9.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ad260da314d2f8f3f1531cc5779cbba9

  • Size

    64KB

  • MD5

    ad260da314d2f8f3f1531cc5779cbba9

  • SHA1

    30e15cf49a97e4560c96eed7e0c68ed9a8502023

  • SHA256

    4ad9432cc817afa905bab2f16d4f713af42ea42f5e4fcf53e6d4b631a7d6da91

  • SHA512

    3791b4058ee64bed388b10eeefd733ff45e10c4f374d5644cd4aa10eee6a3fac9bf31076be021acc5c46e8fe79f84048807aaf2c278a5e0e46d41eec00e5e723

  • SSDEEP

    768:QDjahoICS4AIqa3x4aSOo+sYk+5qmOaA/yGzySTe7/cA2gdu0v:yzICS4ALqaaS1+Pq5aPGzysuENs

Score
10/10
bab21ee475b52c0c9eb47d23ec9ba1d1blackmatter

Malware Config

Extracted

Family

blackmatter

Version

1.2

Botnet

bab21ee475b52c0c9eb47d23ec9ba1d1

C2

https://paymenthacks.com

http://paymenthacks.com

https://mojobiden.com

http://mojobiden.com
Attributes
  • attempt_auth

    false

  • create_mutex

    true

  • encrypt_network_shares

    true

  • exfiltrate

    true

  • mount_volumes

    true

rsa_pubkey.base64
aes.base64

Signatures

  • Blackmatter family
    blackmatter
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ad260da314d2f8f3f1531cc5779cbba9
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections