Overview

overview

10

Static

static

10

01c5604e33...62.exe

windows7_x64

10

01c5604e33...62.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    144s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    23/05/2022, 18:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    01c5604e330f1a1c2228041f0fe2b8ce52f63ae1c3eac3462829b9fa2fb30862.exe

  • Size

    93KB

  • MD5

    cb2282bdd553623002a4b96ba3e1c192

  • SHA1

    13e8a9d435ce72ec3d8344bcb1ef32bbc31752fb

  • SHA256

    01c5604e330f1a1c2228041f0fe2b8ce52f63ae1c3eac3462829b9fa2fb30862

  • SHA512

    065a6b2403dfb20becbcdc4471a0dff81f92cee407a6a65071f658ff18282e1161f275bdc91e1b5a6755f97a17cd2a051746054093d3a45e7313793e538ffadb

Score
10/10
hancitor1004_672193downloader

Malware Config

Extracted

Family

hancitor

Botnet

1004_672193

C2

http://camovethet.com/4/forum.php

http://sindicosi.ru/4/forum.php

http://hedtgowithen.ru/4/forum.php

Signatures

  • Hancitor

    Hancitor is downloader used to deliver other malware families.

    downloaderhancitor

Processes

  • C:\Users\Admin\AppData\Local\Temp\01c5604e330f1a1c2228041f0fe2b8ce52f63ae1c3eac3462829b9fa2fb30862.exe
    "C:\Users\Admin\AppData\Local\Temp\01c5604e330f1a1c2228041f0fe2b8ce52f63ae1c3eac3462829b9fa2fb30862.exe"
    1⤵
      PID:1908

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1908-54-0x0000000000400000-0x000000000041B000-memory.dmp

      Filesize

      108KB

      Download