General

  • Target

    Static.dll

  • Size

    226KB

  • Sample

    210311-hp1pb5xhdn

  • MD5

    540b62939a976bb687fd8bd25d6c04f5

  • SHA1

    cdd34a2c3b7e106210d68d246bfbec5e867847c7

  • SHA256

    7e47d3574015db89aee5581334eeb50da960b0643c5a1c033796cf85d45fc852

  • SHA512

    e63209071886a659f4e59d6b066cd98d04e8c6058a505b773e9b0f10ef5f37a18d35e8a2f47c4f4f2a3ff74b43272b74ea862119c4f40ad8399de3af727e2479

Malware Config

Extracted

Family

hancitor

Botnet

1003_1

C2

http://lationvold.com/8/forum.php

http://popubjettor.ru/8/forum.php

http://thabilemithe.ru/8/forum.php

Targets

    • Target

      Static.dll

    • Hancitor

      Hancitor is a downloader used to deliver other malware families.
