Overview

overview

10

Static

static

if.bin.dll

windows7_x64

10

if.bin.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    if.bin.dll

  • Size

    515KB

  • Sample

    211215-s9xtqsaggj

  • MD5

    e826972d1fefac908f57b5694cef9a3b

  • SHA1

    4e7bc3d9d93dd54296cfe0083d882abe718304d2

  • SHA256

    c1134b990e09241e2894e23e2b853e64f5c49ee1555d3a2da8f9c5d99edbb233

  • SHA512

    2a3450e14598c7c442d543d722a85a88e2718abeb142762e7c11144802537f95b67c1d44686524b2ad6e89b53141d55541315625d8cb9330895a4621766d5540

Score
10/10
hancitor1212_pljfdidownloader

Malware Config

Extracted

Family

hancitor

Botnet

1212_pljfdi

C2

http://ybotedin.com/9/forum.php

http://joirmeraw.ru/9/forum.php

http://sibiquan.ru/9/forum.php

Targets

    • Target

      if.bin.dll

    • Size

      515KB

    • MD5

      e826972d1fefac908f57b5694cef9a3b

    • SHA1

      4e7bc3d9d93dd54296cfe0083d882abe718304d2

    • SHA256

      c1134b990e09241e2894e23e2b853e64f5c49ee1555d3a2da8f9c5d99edbb233

    • SHA512

      2a3450e14598c7c442d543d722a85a88e2718abeb142762e7c11144802537f95b67c1d44686524b2ad6e89b53141d55541315625d8cb9330895a4621766d5540

    Score
    10/10
    hancitor1212_pljfdidownloader

    • Hancitor

      Hancitor is downloader used to deliver other malware families.

      downloaderhancitor
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks