Overview

overview

10

Static

static

8

d225efab3c...9b.doc

windows7-x64

4

d225efab3c...9b.doc

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d225efab3cf8f751c299accb3f114e9b

  • Size

    612KB

  • Sample

    240318-a568haca73

  • MD5

    d225efab3cf8f751c299accb3f114e9b

  • SHA1

    fdabc9901ed3b774b106859f4c5c0c3c1dcf1aef

  • SHA256

    2ae278b49a16340323666bc486a2686491391374365393142e44a25c16b29465

  • SHA512

    c0656fa0af6391c2568efe70b1b9ee0120eace96575f0c04ceea9d77aa94b6941b682257585097cef8fb661bf5944f9ab69792aa413173cb6300d361828bc672

  • SSDEEP

    12288:EV9iQsDr8N5eCz3DFw7m/kdxoF3aHUp6BvNoywaMFsZjjotAd5Rs+:EVXkr8N8Cz6voFqDisSIj

Score
10/10
hancitor1808_plfrdownloadermacromacro_on_action

Malware Config

Extracted

Family

hancitor

Botnet

1808_plfr

C2

http://madmilons.com/8/forum.php

http://counteent.ru/8/forum.php

http://simatereare.ru/8/forum.php

Targets

    • Target

      d225efab3cf8f751c299accb3f114e9b

    • Size

      612KB

    • MD5

      d225efab3cf8f751c299accb3f114e9b

    • SHA1

      fdabc9901ed3b774b106859f4c5c0c3c1dcf1aef

    • SHA256

      2ae278b49a16340323666bc486a2686491391374365393142e44a25c16b29465

    • SHA512

      c0656fa0af6391c2568efe70b1b9ee0120eace96575f0c04ceea9d77aa94b6941b682257585097cef8fb661bf5944f9ab69792aa413173cb6300d361828bc672

    • SSDEEP

      12288:EV9iQsDr8N5eCz3DFw7m/kdxoF3aHUp6BvNoywaMFsZjjotAd5Rs+:EVXkr8N8Cz6voFqDisSIj

    Score
    10/10
    hancitor1808_plfrdownloader

    • Hancitor

      Hancitor is downloader used to deliver other malware families.

      downloaderhancitor

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks