General
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.12654.15342
-
Size
5.9MB
-
Sample
210417-qes8da2q7s
-
MD5
aa444cd99154f376edbbc9c3effa1f66
-
SHA1
3168456601e3aa7436ae521bb43d9af77171435d
-
SHA256
734f6783c377c10fd6816563b4eaf0a0c1f5fd30d0ceb271d5df53eabf553a49
-
SHA512
c259d41ce55bd50aae9b99f8f100c04ced6e484097fa6e664e086e7b39b48ac35388e901eb8d3c1e52e6259f0e08ec4f4a28915b29c7dc00669fa4e4af0dd576
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.W32.AIDetect.malware1.12654.15342.exe
Resource
win7v20210408
Malware Config
Extracted
danabot
1827
3
192.236.147.83:443
23.106.123.141:443
192.210.198.12:443
23.254.225.170:443
-
embedded_hash
AEF96B4D339B580ABB737F203C2D0F52
Targets
-
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.12654.15342
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-