General
-
Target
a954e03d2300786bf77ab0caab269c05b75c34d62e0497979bfbb6919befcff5.exe
-
Size
6.0MB
-
Sample
210227-mxdxt62sbj
-
MD5
03b1daa2ee50da70c70c779b7471f492
-
SHA1
dfccc553dd00dee74dc212373a82cae24e2648b5
-
SHA256
a954e03d2300786bf77ab0caab269c05b75c34d62e0497979bfbb6919befcff5
-
SHA512
5992a51209077ef25069c6c2e2a8f7f30e049e4938c9f0be49d3eaa02267f307d7fc23b5589151d910a5ff66fe20dd0c798a0b0b403597f311cf145d5ee9ef4e
Static task
static1
Behavioral task
behavioral1
Sample
a954e03d2300786bf77ab0caab269c05b75c34d62e0497979bfbb6919befcff5.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
a954e03d2300786bf77ab0caab269c05b75c34d62e0497979bfbb6919befcff5.exe
Resource
win10v20201028
Malware Config
Extracted
danabot
1765
3
192.3.26.98:443
192.236.146.203:443
142.44.224.16:443
192.161.48.5:443
-
embedded_hash
B2585F6479280F48B64C99F950BBF36D
Targets
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-