General

  • Target

    RgNOzTfNPzRgNPzRg.dll

  • Size

    2.2MB

  • MD5

    f69ae2857fd443a32acdf97fa08076f1

  • SHA1

    ab9dfa582b8b3a4a80b476170518213600167cf4

  • SHA256

    a1b70b52de7803c658fc787bb2e18305fb93b40e4b38feaefb5234abebcd3721

  • SHA512

    2ec6154be4839135f903b691aea477f3da78a5a9f18eee2d6a3cf76962cb71a83fcd09c8df8ea159a0447fca376aed79d4773a8e3d6f1c2d35b5089b65742b81

Score
10/10

Malware Config

Extracted

Family

danabot

C2

rsa_pubkey.plain

Signatures

  • Danabot family
  • Danabot x86 payload 1 IoCs

    Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

Files

  • RgNOzTfNPzRgNPzRg.dll
    .dll windows x86


    Exports