Malware Signature

The following table shows a list of malware samples and the corresponding botnet C&C (ip:port) associated with Hancitor

Database Entry


Malware:Hancitor
First seen:2016-08-18 08:59:20 UTC
Last seen:2018-10-18 05:31:06 UTC

Malware Samples


The table below documents all malware samples associated with this malware family.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2018-10-18 05:31:068359e029989b712bfd33b6b82d36ab46Virustotal results 17/56 (30.36%) Hancitor193.183.98.122:443
2018-10-18 05:31:068359e029989b712bfd33b6b82d36ab46Virustotal results 17/56 (30.36%) Hancitor193.183.98.122:443
2018-09-12 04:51:00a1ac08123d98990c905e2608ce25d5e6Virustotal results 24/67 (35.82%) Hancitor89.223.94.240:443
2018-09-12 04:51:00a1ac08123d98990c905e2608ce25d5e6Virustotal results 24/67 (35.82%) Hancitor89.223.94.240:443
2018-08-22 17:00:1146df3b0ed4eef0de5552a6c509492e0dVirustotal results 23/59 (38.98%) Hancitor91.217.90.133:443
2018-08-22 17:00:1146df3b0ed4eef0de5552a6c509492e0dVirustotal results 23/59 (38.98%) Hancitor91.217.90.133:443
2017-10-27 11:21:581621f341e058349973f8d71a3242dd9aVirustotal results 16/59 (27.12%) Hancitor164.132.28.118:443
2017-10-27 11:21:581621f341e058349973f8d71a3242dd9aVirustotal results 16/59 (27.12%) Hancitor164.132.28.118:443
2016-11-16 19:23:20ddef86a97d892abbdc0f61407ec769feVirustotal results 21/56 (37.50%) Hancitor137.74.194.227:443
2016-11-16 19:23:20ddef86a97d892abbdc0f61407ec769feVirustotal results 21/56 (37.50%) Hancitor82.146.32.87:443
2016-11-16 19:23:20ddef86a97d892abbdc0f61407ec769feVirustotal results 21/56 (37.50%) Hancitor137.74.194.227:443
2016-11-16 19:23:20ddef86a97d892abbdc0f61407ec769feVirustotal results 21/56 (37.50%) Hancitor82.146.32.87:443
2016-10-13 06:42:05ef26e4c1eb933fac780dd6e337ee6f4cn/aHancitor78.155.217.154:443
2016-10-13 06:42:05ef26e4c1eb933fac780dd6e337ee6f4cn/aHancitor78.155.217.154:443
2016-10-12 18:26:05b37da106cbe73a4450dc28786f7da27fVirustotal results 40/57 (70.18%) Hancitor31.184.233.105:443
2016-10-12 18:26:05b37da106cbe73a4450dc28786f7da27fVirustotal results 40/57 (70.18%) Hancitor78.155.217.154:443
2016-10-12 18:26:05b37da106cbe73a4450dc28786f7da27fVirustotal results 40/57 (70.18%) Hancitor31.184.233.105:443
2016-10-12 18:26:05b37da106cbe73a4450dc28786f7da27fVirustotal results 40/57 (70.18%) Hancitor78.155.217.154:443
2016-10-11 20:56:551d5040d5cf56bdfa46987a6736586515Virustotal results 32/56 (57.14%) Hancitor91.220.131.174:50007
2016-10-11 20:56:551d5040d5cf56bdfa46987a6736586515Virustotal results 32/56 (57.14%) Hancitor91.220.131.174:50007
2016-09-27 18:03:59cebd26c28f001e8931fa494723d7844aVirustotal results 35/57 (61.40%) Hancitor185.22.65.47:443
2016-09-27 18:03:59cebd26c28f001e8931fa494723d7844aVirustotal results 35/57 (61.40%) Hancitor85.17.82.104:443
2016-09-27 18:03:59cebd26c28f001e8931fa494723d7844aVirustotal results 35/57 (61.40%) Hancitor185.22.65.47:443
2016-09-27 18:03:59cebd26c28f001e8931fa494723d7844aVirustotal results 35/57 (61.40%) Hancitor85.17.82.104:443
2016-08-29 15:47:05cc05867751b1de3cab89c046210faed4Virustotal results 33/56 (58.93%) Hancitor185.22.65.47:443
2016-08-29 15:47:05cc05867751b1de3cab89c046210faed4Virustotal results 33/56 (58.93%) Hancitor185.22.65.47:443
2016-08-21 09:14:158be0ca71efa2ba3d3fb2acebcc88e5e7Virustotal results 33/56 (58.93%) Hancitor185.22.65.47:443
2016-08-21 09:14:158be0ca71efa2ba3d3fb2acebcc88e5e7Virustotal results 33/56 (58.93%) Hancitor185.22.65.47:443
2016-08-18 08:59:205c0d870c2d427806691fc773a2b5942cVirustotal results 31/56 (55.36%) Hancitor185.46.8.214:443
2016-08-18 08:59:205c0d870c2d427806691fc773a2b5942cVirustotal results 31/56 (55.36%) Hancitor185.46.8.214:443