General
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.12135.10971
-
Size
5.9MB
-
Sample
210409-r2r3w458aj
-
MD5
a1d41370fa33850a53da98f69c4bf735
-
SHA1
0bdab47ba112c6639077c740d5d659e53edb6ea7
-
SHA256
11ad6a2816687b70968f90ef3c5489f98cb38d04be064d1834ed7d23ed3338fc
-
SHA512
a37006945a93f2555b870c24f35600c50477c162d2ef7a66e5ca65f7384075b9259e0bcd4f5e66d46914e5b38e295be837fa54e5c4073f0887bbc61e14f6ebe1
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.W32.AIDetect.malware1.12135.10971.exe
Resource
win7v20201028
Malware Config
Extracted
danabot
1827
3
193.34.167.88:443
192.210.198.12:443
23.81.246.201:443
192.3.26.107:443
-
embedded_hash
AEF96B4D339B580ABB737F203C2D0F52
Targets
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-