General

  • Target

    run.zip

  • Size

    418KB

  • MD5

    304fea62b42284a0e5e76cd3380193f7

  • SHA1

    f29e671f42fa39e75f8d68500094aa4f15334d94

  • SHA256

    49b4263f1b3d4f76fdbfc96d310967a5eb620723bfc3f3380e41cff42152941c

  • SHA512

    52f723848f7f8b4bd7977e7677d597a9bdb27e075042781264ef066a98982b9036408b45941cbabf21767710d9ddac8037b54e0937fead94e22a722861b6b34b

Score
10/10

Malware Config

Extracted

Family

danabot

C2


rsa_pubkey.plain

Signatures

  • Danabot family
  • Danabot x86 payload 1 IoCs

    Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

Files

  • run.zip
    .zip
  • run.bat
  • tDNIlBT.dll
    .dll windows x86


    Exports