blackmatter | 73c07aa4bd216ebe870b332144fa8ec206bd518823c627a29ff7499bd65d9f4b | Triage

Sharing

General

Target

22d7d67c3af10b1a37f277ebabe2d1eb4fd25afbd6437d4377400e148bcc08d6.zip
Size

38KB
Sample

240624-xhbjms1ajp
MD5

a673667a024d675ff980bb083fd0659b
SHA1

1dc4af0fb817c38c7c01c7731ec8c4ca52ebf360
SHA256

73c07aa4bd216ebe870b332144fa8ec206bd518823c627a29ff7499bd65d9f4b
SHA512

892147ee3943a55ab766f10bd5c3c30d040b478a9b05973597bb2490ddd50ef32c1a161d5314ceabb6a9de6f39a85084f25bc00e7c1739baa2cd9e10960e8a0f
SSDEEP

768:9r60vylcUdGrLHm/2V/8DgMQ2CEsbvy8MDeFdAE3Hn51+5i8OLQ5Ggpl4kb:kPBQfG+FM8rbvhFeU51OM05tl

Score

10^/10

blackmatter 512478c08dada2af19e49808fbda5b0b

Malware Config

Extracted

Family

blackmatter

Version

1.2

Botnet

512478c08dada2af19e49808fbda5b0b

Credentials

Username:
[email protected]
Password:
120Heisler

Username:
[email protected]
Password:
Tesla2019

Username:
[email protected]
Password:
iteam8**

C2

https://paymenthacks.com

http://paymenthacks.com

https://mojobiden.com

http://mojobiden.com

Attributes

attempt_auth
true
create_mutex
true
encrypt_network_shares
true
exfiltrate
true
mount_volumes
true

rsa_pubkey.base64

aes.base64

Targets

- Target
  
  22d7d67c3af10b1a37f277ebabe2d1eb4fd25afbd6437d4377400e148bcc08d6.zip
- Size
  
  38KB
- MD5
  
  a673667a024d675ff980bb083fd0659b
- SHA1
  
  1dc4af0fb817c38c7c01c7731ec8c4ca52ebf360
- SHA256
  
  73c07aa4bd216ebe870b332144fa8ec206bd518823c627a29ff7499bd65d9f4b
- SHA512
  
  892147ee3943a55ab766f10bd5c3c30d040b478a9b05973597bb2490ddd50ef32c1a161d5314ceabb6a9de6f39a85084f25bc00e7c1739baa2cd9e10960e8a0f
- SSDEEP
  
  768:9r60vylcUdGrLHm/2V/8DgMQ2CEsbvy8MDeFdAE3Hn51+5i8OLQ5Ggpl4kb:kPBQfG+FM8rbvhFeU51OM05tl
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

512478c08dada2af19e49808fbda5b0bblackmatter

behavioral1

behavioral2