anchordns | 3c4b9645d821827d367ec4e605a708186fb29e7780db97a693220146701730e5[.]bin[.]sample[.]gz | Triage

Sharing

General

Target

3c4b9645d821827d367ec4e605a708186fb29e7780db97a693220146701730e5.bin.sample.gz
Size

166KB
MD5

c0fec6cc32fb9015308664dedf454d0c
SHA1

7f34b2fef896afc15b8c6a687ca53b9439202aba
SHA256

28021406bc48270b860678a7dc3be68025ff7241f27efb2fc03bf7e908dad6f2
SHA512

424ea8a3faf2df6478955973dda6c63fbfbc215778314382543ffa66706a7bcd38e4050753473841812e8ef97601c26e70a85e10fe29ef25b51a215408e28dec

Score

10^/10

backdoor anchordns

Malware Config

Signatures

Anchordns family
anchordns

Detected AnchorDNS Backdoor 1 IoCs

Sample triggered yara rules associated with the AnchorDNS malware family.

Processes:

resource	yara_rule
static1/unpack001/sample	family_anchor_dns

Files

3c4b9645d821827d367ec4e605a708186fb29e7780db97a693220146701730e5.bin.sample.gz
.gz

Password: infected
sample
.dll windows x64

Exports

Exports

ServiceMain
SvchostPushServiceGlobals