ioc[.]one - OSINT Cyber Threat Intelligence Database

BlackMatter Ransomware: In-Depth Analysis & Recommendations | Varonis

Tags

country:	Australia Canada Russia United Kingdom United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Python - T1059.006 Software - T1592.002 Vulnerabilities - T1588.006 Powershell - T1086 Windows Management Instrumentation - T1047

Show in Graph

Common Information

Type	Value
UUID	bd46c08b-b45e-410f-a54a-4b50f31b625d
Fingerprint	be910853bb219c4d
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 2, 2021, 4 a.m.
Added to db	Sept. 26, 2022, 9:34 a.m.
Last updated	Nov. 17, 2024, 12:58 p.m.
Headline	BlackMatter Ransomware: In-Depth Analysis & Recommendations
Title	BlackMatter Ransomware: In-Depth Analysis & Recommendations \| Varonis
Detected Hints/Tags/Attributes	85/3/63

Source URLs

	Redirection	Url
Details	Source	https://www.varonis.com/blog/blackmatter-ransomware/

URL Provider

Details	Provider	Source level domain
Details	varonis.com	www.varonis.com

Attributes

Details	Type	#Events	Value
Details	Domain	4	nowautomation.com
Details	Domain	3	fluentzip.org
Details	Domain	11	mojobiden.com
Details	Domain	10	paymenthacks.com
Details	File	1	c:\%extension%-readme.txt
Details	sha256	1	02ec55a8f4f97a84370ca72b03912ae8625d344b7bd1af92a2de4b636183f2ab
Details	sha256	2	072158f5588440e6c94cb419ae06a27cf584afe3b0cb09c28eff0b4662c15486
Details	sha256	2	0751c422962dcd500d7cf2cf8bf544ddf5b2fe3465df7dd9b9998f6bba5e08a4
Details	sha256	1	14a3e308c90183b3785b6c26ec40d29405361cd8dec204a62235733401bf5f5c
Details	sha256	2	1c63a4fdee1528429886a0de5e89eaa540a058bf27cd378b8d139e045a2f7849
Details	sha256	2	1eea3cbd729d4493c0c0a84efe6840abf1760efe221dc971d32ca5017b5c19c2
Details	sha256	2	20742987e6f743814b25e214f8b2cd43111e2f60a8856a6cca87cafd85422f41
Details	sha256	7	22d7d67c3af10b1a37f277ebabe2d1eb4fd25afbd6437d4377400e148bcc08d6
Details	sha256	2	2466fca0e29b06c78ffa8a44193fb58c30e6bec4e54bbef8e6622349b95cce4c
Details	sha256	2	2aad85dbd4c79bd21c6218892552d5c9fb216293a251559ba59d45d56a01437c
Details	sha256	4	2c323453e959257c7aa86dc180bb3aaaa5c5ec06fa4e72b632d9e4b817052009
Details	sha256	2	2cdb5edf3039863c30818ca34d9240cb0068ad33128895500721bcdca70c78fd
Details	sha256	2	2e50eb85f6e271001e69c5733af95c34728893145766066c5ff8708dcc0e43b2
Details	sha256	2	3a03530c732ebe53cdd7c17bee0988896d36c2b632dbd6118613697c2af82117
Details	sha256	2	3a4bd5288b89aa26fbe39353b93c1205efa671be4f96e50beae0965f45fdcc40
Details	sha256	2	4ad9432cc817afa905bab2f16d4f713af42ea42f5e4fcf53e6d4b631a7d6da91
Details	sha256	2	4be85e2083b64838fb66b92195a250228a721cdb5ae91817ea97b37aa53f4a2b
Details	sha256	3	520bd9ed608c668810971dbd51184c6a29819674280b018dc4027bc38fc42e57
Details	sha256	3	5da8d2e1b36be0d661d276ea6523760dbe3fa4f3fdb7e32b144812ce50c483fa
Details	sha256	2	668a4a2300f36c9df0f7307cc614be3297f036fa312a424765cdb2c169187fe6
Details	sha256	2	66e6563ecef8f33b1b283a63404a2029550af9a6574b84e0fb3f2c6a8f42e89f
Details	sha256	2	6d4712df42ad0982041ef0e2e109ab5718b43830f2966bd9207a7fac3af883db
Details	sha256	1	6e846881115448d5d4b69bf020fcd5872a0efef56e582f6ac8e3e80ea79b7a55
Details	sha256	3	706f3eec328e91ff7f66c8f0a2fb9b556325c153a329a2062dc85879c540839d
Details	sha256	2	730f2d6243055c786d737bae0665267b962c64f57132e9ab401d6e7625c3d0a4
Details	sha256	1	77340f01535db5c80c1f3e725a8f8de17bb227f567b8f568dd339be6ddacf60e
Details	sha256	5	7f6dd0ca03f04b64024e86a72a6d7cfab6abccc2173b85896fc4b431990a5984
Details	sha256	2	8323fdfda08300c691d330badec2607ea050cc10ee39934faeebedf3877df3ac
Details	sha256	2	86c84c07e27cc8aba129e1cf51215b65c445f178b94f2e8c4c10e6bc110daa94
Details	sha256	2	8eada5114fbbc73b7d648b38623fc206367c94c0e76cb3b395a33ea8859d2952
Details	sha256	2	8f1b0affffb2f2f58b477515d1ce54f4daa40a761d828041603d5536c2d53539
Details	sha256	1	98227953d55c5aee2271851cbea3680925d4d0838ee0d63090da143c8d71ac55
Details	sha256	2	9bae897c19f237c22b6bdc024df27455e739be24bed07ef0d409f2df87eeda58
Details	sha256	2	9cf9441554ac727f9d191ad9de1dc101867ffe5264699cafcf2734a4b89d5d6a
Details	sha256	1	a5cdca5a8120b5532f6de3395b9b6d411ad9234b857ce17bb3cc5747be6a7dd2
Details	sha256	2	b0e929e35c47a60f65e4420389cad46190c26e8cfaabe922efd73747b682776a
Details	sha256	1	b1891a5375198e262dfe6f83a89574e7aa438f41e2853d5d31e101bcec95cbf3
Details	sha256	1	b3e82b43750c7d0833f69abd3d31751c9e8face5063573946f61abbdda513eb8
Details	sha256	2	b4b9fdf30c017af1a8a3375218e43073117690a71c3f00ac5f6361993471e5e7
Details	sha256	2	b824bbc645f15e213b4cb2628f7d383e9e37282059b03f6fe60f7c84ea1fed1f
Details	sha256	4	c6e2ef30a86baa670590bd21acf5b91822117e0cbe6060060bc5fe0182dace99
Details	sha256	2	c728e3a0d4a293e44314d663945354427848c220d05d5d87cdedd9995fee3dfe
Details	sha256	2	cf60d0d6b05bfe2e51ca9dac01a4ae506b90d78d8d9d0fc266e3c01d8d2ba6b7
Details	sha256	2	d4645d2c29505cf10d1b201826c777b62cbf9d752cb1008bef1192e0dd545a82
Details	sha256	1	d4647619fa2dc8fef5560d1662cbee6eb7dc95298dd40edf12dd4c8ee902d767
Details	sha256	2	daed41395ba663bef2c52e3d1723ac46253a9008b582bb8d9da9cb0044991720
Details	sha256	1	e146f17a53300e19ec480d069b341688127d46198ff0fdd0e059914130d56f56
Details	sha256	3	e4a2260bcba8059207fdcc2d59841a8c4ddbe39b6b835feef671bceb95cd232d
Details	sha256	2	e9b24041847844a5d57b033bf0b41dc637eba7664acfb43da5db635ae920a1b4
Details	sha256	2	eaac447d6ae733210a07b1f79e97eda017a442e721d8fafe618e2c789b18234b
Details	sha256	2	eafce6e79a087b26475260afe43f337e7168056616b3e073832891bf18c299c1
Details	sha256	2	ed47e6ecca056bba20f2b299b9df1022caf2f3e7af1f526c1fe3b8bf2d6e7404
Details	sha256	1	f32604fba766c946b429cf7e152273794ebba9935999986b7e137ca46cd165fc
Details	sha256	2	f7b3da61cb6a37569270554776dbbd1406d7203718c0419c922aa393c07e9884
Details	sha256	2	fe2b2beeff98cae90f58a5b2f01dab31eaa98d274757a7dd9f70f4dc8432a6e2
Details	sha256	2	6a7b7147fea63d77368c73cef205eb75d16ef209a246b05698358a28fd16e502
Details	IPv4	8	99.83.154.118
Details	Windows Registry Key	15	HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid