Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://github.com/M...

windows7-x64

10

https://github.com/M...

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://github.com/MalwareSamples/Malware-Feed/raw/master/2020.10.29_CISA-Ransomware_Healthcare/0816d66320d221de576c8a9e6af1b05c7656832939876dd99bb8b40029fe694a

  • Sample

    240105-vtsk7afdan

Score
10/10
anchordnsbackdoor

Malware Config

Targets

    • Target

      https://github.com/MalwareSamples/Malware-Feed/raw/master/2020.10.29_CISA-Ransomware_Healthcare/0816d66320d221de576c8a9e6af1b05c7656832939876dd99bb8b40029fe694a

    Score
    10/10
    anchordnsbackdoor

    • AnchorDNS Backdoor

      A backdoor which communicates with C2 through DNS, attributed to the creators of Trickbot and Bazar.

      backdooranchordns

    • Detected AnchorDNS Backdoor

      Sample triggered yara rules associated with the AnchorDNS malware family.

      backdoor

    • Downloads MZ/PE file

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks