blackmatter | ad260da314d2f8f3f1531cc5779cbba9

General

Target

ad260da314d2f8f3f1531cc5779cbba9
Size

64KB
MD5

ad260da314d2f8f3f1531cc5779cbba9
SHA1

30e15cf49a97e4560c96eed7e0c68ed9a8502023
SHA256

4ad9432cc817afa905bab2f16d4f713af42ea42f5e4fcf53e6d4b631a7d6da91
SHA512

3791b4058ee64bed388b10eeefd733ff45e10c4f374d5644cd4aa10eee6a3fac9bf31076be021acc5c46e8fe79f84048807aaf2c278a5e0e46d41eec00e5e723
SSDEEP

768:QDjahoICS4AIqa3x4aSOo+sYk+5qmOaA/yGzySTe7/cA2gdu0v:yzICS4ALqaaS1+Pq5aPGzysuENs

Score

10^/10

bab21ee475b52c0c9eb47d23ec9ba1d1 blackmatter

Malware Config

Extracted

Family

blackmatter

Version

1.2

Botnet

bab21ee475b52c0c9eb47d23ec9ba1d1

C2

https://paymenthacks.com

http://paymenthacks.com

https://mojobiden.com

http://mojobiden.com

Attributes

attempt_auth
false
create_mutex
true
encrypt_network_shares
true
exfiltrate
true
mount_volumes
true

rsa_pubkey.base64

aes.base64

Signatures

Blackmatter family
blackmatter

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad260da314d2f8f3f1531cc5779cbba9

Files

ad260da314d2f8f3f1531cc5779cbba9
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 512B - Virtual size: 136B

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 512B - Virtual size: 136B

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB