hancitor | 42cb082a5dcb4ef8a553d38b15f87aa0f5f408a8b78adf3320288320fac5c24d | Triage

Submit
Reports

Overview

overview

Static

static

42cb082a5d...4d.dll

windows7_x64

42cb082a5d...4d.dll

windows10-2004_x64

1

Sharing

General

Target

42cb082a5dcb4ef8a553d38b15f87aa0f5f408a8b78adf3320288320fac5c24d
Size

136KB
Sample

220708-bd8spabdfn
MD5

dda7f3bb9dee24e6e2564ed656f1bf64
SHA1

e1ff05e4be55cae9a5d2035f40e923bbdda4b90c
SHA256

42cb082a5dcb4ef8a553d38b15f87aa0f5f408a8b78adf3320288320fac5c24d
SHA512

b832c2967366b62ccdb6d14f9ab22ce9b42862a2261aefd21bdc43bb1c8d2938ba91e85cd9f94a48a721a220df202866635f7c2dd20a9faa528eb1484fa77753

Score

10^/10

hancitor 1212_78342432 downloader

Static task

static1

Behavioral task

behavioral1

Sample

42cb082a5dcb4ef8a553d38b15f87aa0f5f408a8b78adf3320288320fac5c24d.dll

Resource

win7-20220414-en

hancitor 1212_78342432 downloader

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

42cb082a5dcb4ef8a553d38b15f87aa0f5f408a8b78adf3320288320fac5c24d.dll

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

hancitor

Botnet

1212_78342432

C2

http://vistiver.com/4/forum.php

http://thimemple.ru/4/forum.php

http://capandotd.ru/4/forum.php

Targets

- Target
  
  42cb082a5dcb4ef8a553d38b15f87aa0f5f408a8b78adf3320288320fac5c24d
- Size
  
  136KB
- MD5
  
  dda7f3bb9dee24e6e2564ed656f1bf64
- SHA1
  
  e1ff05e4be55cae9a5d2035f40e923bbdda4b90c
- SHA256
  
  42cb082a5dcb4ef8a553d38b15f87aa0f5f408a8b78adf3320288320fac5c24d
- SHA512
  
  b832c2967366b62ccdb6d14f9ab22ce9b42862a2261aefd21bdc43bb1c8d2938ba91e85cd9f94a48a721a220df202866635f7c2dd20a9faa528eb1484fa77753
Score

10^/10

hancitor 1212_78342432 downloader
- Hancitor
  Hancitor is downloader used to deliver other malware families.
  downloader hancitor
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

hancitor1212_78342432downloader

behavioral2

© 2018-2024

Terms | Privacy