Overview

overview

10

Static

static

3

2023-08-26...JC.exe

windows7-x64

7

2023-08-26...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2023-08-26_90d36f3ef4404867271f25058663daa5_mafia_JC.exe

  • Size

    527KB

  • Sample

    231011-m5373aac4z

  • MD5

    90d36f3ef4404867271f25058663daa5

  • SHA1

    09881375560b60295cb8b4f489a7991e0ee3a760

  • SHA256

    5b05987edb639cd7ed26aaecd3dd593eac04dde3acef7c6b586f76f4b0d4640d

  • SHA512

    70216b4fb46f835f9478e8623b94fc9977c64bad45016b63d2a8213b31e1d2fb787655f04f3c4fed0b982ef84e33a65355875d7658f6694155b68ba642c0beaf

  • SSDEEP

    12288:fU5rCOTeid8qDKql+Ha1WnkAQYE7w4CMxe5DZu:fUQOJdxKql+61WnRE8P5Do

Score
10/10
anchordnsbackdoor

Malware Config

Targets

    • Target

      2023-08-26_90d36f3ef4404867271f25058663daa5_mafia_JC.exe

    • Size

      527KB

    • MD5

      90d36f3ef4404867271f25058663daa5

    • SHA1

      09881375560b60295cb8b4f489a7991e0ee3a760

    • SHA256

      5b05987edb639cd7ed26aaecd3dd593eac04dde3acef7c6b586f76f4b0d4640d

    • SHA512

      70216b4fb46f835f9478e8623b94fc9977c64bad45016b63d2a8213b31e1d2fb787655f04f3c4fed0b982ef84e33a65355875d7658f6694155b68ba642c0beaf

    • SSDEEP

      12288:fU5rCOTeid8qDKql+Ha1WnkAQYE7w4CMxe5DZu:fUQOJdxKql+61WnRE8P5Do

    Score
    10/10
    anchordnsbackdoor

    • AnchorDNS Backdoor

      A backdoor which communicates with C2 through DNS, attributed to the creators of Trickbot and Bazar.

      backdooranchordns

    • Detected AnchorDNS Backdoor

      Sample triggered yara rules associated with the AnchorDNS malware family.

      backdoor

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks