Overview

overview

10

Static

static

3

55dc9b178a...JC.exe

windows7-x64

7

55dc9b178a...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    55dc9b178aaecbfb07e56a9b8c50114c_mafia_JC.exe

  • Size

    527KB

  • Sample

    230820-n1w4mafd43

  • MD5

    55dc9b178aaecbfb07e56a9b8c50114c

  • SHA1

    fa82a469ed4e9a9cdde528393c6852214bcc9a43

  • SHA256

    7c3b754a13dc5a7f19cba5ff48547decb6ab46ed4770eb92cfc0958b172a15d4

  • SHA512

    124155e91082bd6db9db2f200b5b6d16b4c0f3100a2f8ede679a0db8e7da769c83e8234e21528acc3c198f1932baf2870bb58aa56322c9550067c50dcea48813

  • SSDEEP

    12288:fU5rCOTeid68wKd3WZnz5U6z+3BUsShLIj61Y8xNrlqDZu:fUQOJd8zq6zciLIIYONrUDo

Score
10/10
anchordnsbackdoor

Malware Config

Targets

    • Target

      55dc9b178aaecbfb07e56a9b8c50114c_mafia_JC.exe

    • Size

      527KB

    • MD5

      55dc9b178aaecbfb07e56a9b8c50114c

    • SHA1

      fa82a469ed4e9a9cdde528393c6852214bcc9a43

    • SHA256

      7c3b754a13dc5a7f19cba5ff48547decb6ab46ed4770eb92cfc0958b172a15d4

    • SHA512

      124155e91082bd6db9db2f200b5b6d16b4c0f3100a2f8ede679a0db8e7da769c83e8234e21528acc3c198f1932baf2870bb58aa56322c9550067c50dcea48813

    • SSDEEP

      12288:fU5rCOTeid68wKd3WZnz5U6z+3BUsShLIj61Y8xNrlqDZu:fUQOJd8zq6zciLIIYONrUDo

    Score
    10/10
    anchordnsbackdoor

    • AnchorDNS Backdoor

      A backdoor which communicates with C2 through DNS, attributed to the creators of Trickbot and Bazar.

      backdooranchordns

    • Detected AnchorDNS Backdoor

      Sample triggered yara rules associated with the AnchorDNS malware family.

      backdoor

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks