General

  • Target

    cf059fb6dca8f28b7c95a1b8d9ff30a62d05118b4c7dcee4a2103133fb535659

  • Size

    25KB

  • Sample

    220523-3td2sshhh9

  • MD5

    bc125af0ccbe37b20beb5e2628cda6d6

  • SHA1

    d4aec9346f7a2bdd084471738809e28f77985f1c

  • SHA256

    cf059fb6dca8f28b7c95a1b8d9ff30a62d05118b4c7dcee4a2103133fb535659

  • SHA512

    62071b91b4e9179fed0ba63b71d15d01870313aed716b8d6e4650d441248a497a92261bcb2dc9c8c3a01c13bbbd349d3ed0ce69ad2cd2ef9c230bd2ee3d5f716

Score
10/10

Malware Config

Extracted

Family

hancitor

Botnet

1811_67213

C2

http://elesengrity.com/4/forum.php

http://lardempotr.ru/4/forum.php

http://dethavare.ru/4/forum.php

Targets

    • Target

      cf059fb6dca8f28b7c95a1b8d9ff30a62d05118b4c7dcee4a2103133fb535659

    Score
    6/10
    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
