hancitor | 37674298dbff12eb664d21c444c861d2f272e299cd4b4a1a35b09a3d4f1238ef | Triage

Submit
Reports

Overview

overview

Static

static

37674298db...ef.exe

windows7_x64

1

37674298db...ef.exe

windows10-2004_x64

3

Sharing

Static task

static1

1812_78213 hancitor

Behavioral task

behavioral1

Sample

37674298dbff12eb664d21c444c861d2f272e299cd4b4a1a35b09a3d4f1238ef.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

37674298dbff12eb664d21c444c861d2f272e299cd4b4a1a35b09a3d4f1238ef.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

37674298dbff12eb664d21c444c861d2f272e299cd4b4a1a35b09a3d4f1238ef
Size

36KB
MD5

ebc67299a04a1898fc99710d99722214
SHA1

be6484611d8f87cf1a073052277d2f608a216f6b
SHA256

37674298dbff12eb664d21c444c861d2f272e299cd4b4a1a35b09a3d4f1238ef
SHA512

65f8daad0c7373160c5d4ce3b53cce86ea27ae6ddfbbce70b931f8bed19587f3bfd242a2883d6f25e38aea869a34c6764237a59648550c9c90be4ea49f54130c
SSDEEP

768:7KsRswq8lczid02wYnElSMYVarkrKFZVPqNb:CDOMYWfkrKLwN

Score

10^/10

1812_78213 hancitor

Malware Config

Extracted

Family

hancitor

Botnet

1812_78213

C2

http://unceliet.com/4/forum.php

http://fitiondice.ru/4/forum.php

http://wordlegromin.ru/4/forum.php

Signatures

Hancitor family
hancitor

Files

37674298dbff12eb664d21c444c861d2f272e299cd4b4a1a35b09a3d4f1238ef
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy