2019-02-26 - Malware from Hancitor infection

malware_traffic, Feb 26th, 2019
DOWNLOADED XLS SPREADSHEET:

- SHA256 hash: 9f20885f682fc45ff968788ea89ff27980f78d2df3dc02220fc360b2ea11e555
- File size: 110,080 bytes
- File name: invoice_501793.xls (random digits in the file name)
- Any.Run analysis: https://app.any.run/tasks/4262497b-d7d4-41e4-8a16-d24024e355b1
- CAPE sandbox: https://cape.contextis.com/analysis/40380/
- Reverse.it: https://www.reverse.it/sample/9f20885f682fc45ff968788ea89ff27980f78d2df3dc02220fc360b2ea11e555

HANCITOR MALWARE BINARY:

- SHA256 hash: c7b50a001220ed2eb9b2a720e232a141fe3c2580f2554223502bc5d6611a5a80
- File size: 80,384 bytes
- File location: hxxp://matesargentinos[.]com/wp-content/includes/m.exe
- File location: C:\Users\[username]\AppData\Local\Temp\file.exe
- Any.Run analysis: https://app.any.run/tasks/23770399-e6d3-4608-99e4-57241d8b048f
- CAPE sandbox: https://cape.contextis.com/analysis/40381/
- Reverse.it: https://www.reverse.it/sample/c7b50a001220ed2eb9b2a720e232a141fe3c2580f2554223502bc5d6611a5a80

FOLLOW-UP URSNIF MALWARE:

- SHA256 hash: 771b6462e4fa8da048cbaf07662f47d51200da2134c7564167de04cad352d846
- File size: 121,856 bytes
- File location: C:\Users\[username]\AppData\Local\Temp\BN6B5F.tmp (random digits in the file name)
- Any.Run analysis: https://app.any.run/tasks/bcd568d7-0424-4cb1-935c-5dda7a01b7e5
- CAPE sandbox: https://cape.contextis.com/analysis/40382/
- Reverse.it: https://www.reverse.it/sample/771b6462e4fa8da048cbaf07662f47d51200da2134c7564167de04cad352d846