Overview

overview

10

Static

static

10

624a4a14d5...67.exe

windows7_x64

6

624a4a14d5...67.exe

windows10_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    624a4a14d55ef8e412f1564440d8b7033cf0ff352a50d3982925a23034ff2967

  • Size

    44KB

  • Sample

    211031-ybpclagda2

  • MD5

    55b47d2158cb66c7bac0b0d915fb5a04

  • SHA1

    56c2e0f4aecb965b2d39aed88c8e06405485caff

  • SHA256

    624a4a14d55ef8e412f1564440d8b7033cf0ff352a50d3982925a23034ff2967

  • SHA512

    bd18de7690adf68091b4112f139f62a8f04ae0f21cbf50666b17ce3d9f7f25f8d18277bbc1051492ee8630b069c04620d61bd265b86323c65b6272ab762a0786

Score
10/10
hancitor0707in2_wvcr

Malware Config

Extracted

Family

hancitor

Botnet

0707in2_wvcr

C2

http://sudepallon.com/8/forum.php

http://anspossthrly.ru/8/forum.php

http://thentabecon.ru/8/forum.php

Targets

    • Target

      624a4a14d55ef8e412f1564440d8b7033cf0ff352a50d3982925a23034ff2967

    • Size

      44KB

    • MD5

      55b47d2158cb66c7bac0b0d915fb5a04

    • SHA1

      56c2e0f4aecb965b2d39aed88c8e06405485caff

    • SHA256

      624a4a14d55ef8e412f1564440d8b7033cf0ff352a50d3982925a23034ff2967

    • SHA512

      bd18de7690adf68091b4112f139f62a8f04ae0f21cbf50666b17ce3d9f7f25f8d18277bbc1051492ee8630b069c04620d61bd265b86323c65b6272ab762a0786

    Score
    6/10

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks