General
Target: 748e0ead4f83adb0e998badcc9162b9b.exe
Size: 5.9MB
Sample: 210428-3kemkbx1bs
MD5: 748e0ead4f83adb0e998badcc9162b9b
SHA1: ace1bba4c0e96cb82ba4dd9b9fbe53e944ebcc83
SHA256: c3a37f9ca1adb4ac16434269e909bbc87fe684cfaf414473ecd8edc499e59fc5
SHA512: 151ca0c9ff17ff09fa436ba9892949fe67d4f20cac11be59235c9a5d5fee604a459f57a638202b325fb205a7cf2147032d4d73b010cd54ca76df8d2ff51d54d8
Static task
static1
Behavioral task
behavioral1
Sample
748e0ead4f83adb0e998badcc9162b9b.exe
Resource
win7v20210410
Malware Config
Extracted
danabot
1827
3
192.236.147.83:443
184.95.51.175:443
23.106.123.185:443
192.210.198.12:443
-
embedded_hash
AEF96B4D339B580ABB737F203C2D0F52
Targets
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-