
DarkHydrus is launching attacks



DarkHydrus is launching attacks against targets in the Middle East. DNS tunneling is used for C2 communication.

Dropper: الفهارس.xlsm
VT Link https://www.virustotal.com/#/file/513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8/detection …
C2: http://edgekey.live  http://akdns.live  http://trafficmanager.live  http://akamaized.live  http://akamaiedge.live 

22 engines detected this file

SHA-256: 513813af1590bc9edeb91845b454d42bbce6a5e2d43a9b0afa7692e4e500b4c8
File name: =?UTF-8?B?2KfZhNmB2YfYp9ix2LMueGxzbQ==?=
File size: 36.79 KB
Last analysis: 2019-01-09 08:33:50 UTC
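
Resolver logs can be checked for lookups under the C2 domains listed above. The following is an added example, not part of the original post: the log format, the sample lines and the `min_unique` threshold are assumptions, and counting distinct names per client is a generic DNS-tunneling indicator, not a description of this malware's protocol.

```python
from collections import defaultdict

# C2 apex domains as listed in this post.
C2_DOMAINS = ("edgekey.live", "akdns.live", "trafficmanager.live",
              "akamaized.live", "akamaiedge.live")

# Constructed sample log, one query per line: "timestamp client qtype qname".
SAMPLE_LOG = """\
2019-01-09T08:01:02Z 10.0.0.5 A www.example.com.
2019-01-09T08:01:03Z 10.0.0.7 TXT a1b2c3.akdns.live.
2019-01-09T08:01:04Z 10.0.0.7 TXT d4e5f6.akdns.live.
2019-01-09T08:01:05Z 10.0.0.7 A 0718293a4b.AKDNS.LIVE
2019-01-09T08:01:06Z 10.0.0.9 A e1234.dscx.akamaiedge.net.
2019-01-09T08:01:07Z 10.0.0.9 A notakdns.live.
2019-01-09T08:01:08Z 10.0.0.8 A edgekey.live.
malformed line
"""

def match_c2(qname):
    """Return the listed apex that qname equals or sits under, else None."""
    name = qname.rstrip(".").lower()
    for apex in C2_DOMAINS:
        # Match on a label boundary so "notakdns.live" is not a hit.
        if name == apex or name.endswith("." + apex):
            return apex
    return None

def scan(log_text, min_unique=3):
    """Group hits by (client, apex). Any hit is an indicator match; many
    distinct names under one apex from one client looks like tunneling."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not fit the assumed format
        _, client, _, qname = parts
        apex = match_c2(qname)
        if apex:
            seen[(client, apex)].add(qname.rstrip(".").lower())
    return {key: {"unique_names": len(names),
                  "tunnel_like": len(names) >= min_unique}
            for key, names in seen.items()}

if __name__ == "__main__":
    for (client, apex), info in sorted(scan(SAMPLE_LOG).items()):
        print(client, apex, info)
```

Note that the sample includes `akamaiedge.net`, which shares a name with one listed domain but not its TLD, so it is not matched.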

