General

  • Target

    HitmanPro_x64.exe

  • Size

    13.6MB

  • Sample

    231016-wqhggsbd8t

  • MD5

    15e710b146c623f60cfa3e1b516b640e

  • SHA1

    cc00f20fa520b3c5ea3bade44cd77e642a607150

  • SHA256

    94f068bda39698e454f3cd8905be87d1c761ca55c4a5f7c59f71a55861ed0d9e

  • SHA512

    3c5bcccf2a3442713007bd9fc1a78ec16ba80a96a97b47eb765d1a96a90ee3f792a6778a975644ca9a042142a7beff9cf01d97e1a9a68664f395c04eedeccbfc

  • SSDEEP

    393216:CnH1zVtWtFaG25MJFjrTuSne6Jq7N/Sk9:haG2ufjrCqO

Targets

    • Target

      HitmanPro_x64.exe

    • Size

      13.6MB

    • Drops file in Drivers directory

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
