SHARE
TWEET

2019-02-12 - malware from Hancitor infection

malware_traffic Feb 12th, 2019 (edited) 1,015 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 2019-02-12 - MALWARE FROM HANCITOR INFECTION
  2.  
  3. DOWNLOADED XLS SPREADSHEET:
  4.  
  5. - SHA256 hash: d6cb519566aa77b2996522c99edd5ff06069cbb6eb7b6a9f40e0ca80de449a7f
  6. - File size: 120,832 bytes
  7. - File name: invoice_322718.xls (random digits in the file name)
  8. - Any.Run analysis: https://app.any.run/tasks/885624f8-a19e-4e99-a5b7-0701d4b560ae
  9. - CAPE sandbox: https://cape.contextis.com/analysis/36638/
  10. - Reverse.it: https://www.reverse.it/sample/d6cb519566aa77b2996522c99edd5ff06069cbb6eb7b6a9f40e0ca80de449a7f
  11.  
  12. HANCITOR MALWARE BINARY:
  13.  
  14. - SHA256 hash: 5cba28ccdc33258e580209009510934c235d177692cc1330d896e2fcab0d075b
  15. - File size: 262,920 bytes
  16. - File location: C:\Users\[username]\AppData\Local\Temp\file.exe
  17. - Any.Run analysis: https://app.any.run/tasks/de7b77a1-bed6-4b58-a337-c3511642d9b8
  18. - CAPE sandbox: https://cape.contextis.com/analysis/36640/
  19. - Reverse.it: https://www.reverse.it/sample/5cba28ccdc33258e580209009510934c235d177692cc1330d896e2fcab0d075b
  20.  
  21. FOLLOW-UP USRNIF MALWARE:
  22.  
  23. - SHA256 hash: 885e5402aa8554edcae0b5a52f4c120699364b60208b0353de0440f81ea5a2b4
  24. - File size: 117,760 bytes
  25. - File location: C:\Users\[username]\AppData\Local\Temp\BN5328.tmp (random digits in the file name)
  26. - Any.Run analysis: https://app.any.run/tasks/07bc44e5-1a65-43e5-b7af-8f0615d6052f
  27. - CAPE sandbox: https://cape.contextis.com/submit/status/36642/
  28. - Reverse.it: https://www.reverse.it/sample/885e5402aa8554edcae0b5a52f4c120699364b60208b0353de0440f81ea5a2b4
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top