General
-
Target
RgNOzTfNPzRgNPzRg.dll
-
Size
2.2MB
-
Sample
201109-nh9m5qwlea
-
MD5
f69ae2857fd443a32acdf97fa08076f1
-
SHA1
ab9dfa582b8b3a4a80b476170518213600167cf4
-
SHA256
a1b70b52de7803c658fc787bb2e18305fb93b40e4b38feaefb5234abebcd3721
-
SHA512
2ec6154be4839135f903b691aea477f3da78a5a9f18eee2d6a3cf76962cb71a83fcd09c8df8ea159a0447fca376aed79d4773a8e3d6f1c2d35b5089b65742b81
Behavioral task
behavioral1
Sample
RgNOzTfNPzRgNPzRg.dll
Resource
win7v20201028
Malware Config
Extracted
danabot
172.81.129.196
54.38.22.65
192.99.219.207
51.255.134.130
192.236.179.73
23.82.140.201
45.147.228.92
Targets
-
-
Target
RgNOzTfNPzRgNPzRg.dll
-
Size
2.2MB
-
MD5
f69ae2857fd443a32acdf97fa08076f1
-
SHA1
ab9dfa582b8b3a4a80b476170518213600167cf4
-
SHA256
a1b70b52de7803c658fc787bb2e18305fb93b40e4b38feaefb5234abebcd3721
-
SHA512
2ec6154be4839135f903b691aea477f3da78a5a9f18eee2d6a3cf76962cb71a83fcd09c8df8ea159a0447fca376aed79d4773a8e3d6f1c2d35b5089b65742b81
-
Blocklisted process makes network request
-