General
- Target: b75e7348_by_Libranalysis
- Size: 9.3MB
- Sample: 210503-7626drplln
- MD5: b75e734845e212357778571c255f90bb
- SHA1: 76228ef3173b003f0319cfc3a4e6ee9c51ace683
- SHA256: a04af7fb3b5483d292093d1b67b6ed496d5643698121c04fedaa15e8078b748d
- SHA512: af098bc44e0ce89ae0c0d97f507b64a80bc77e2a8caeb91869e9c3ba8cf600e691510306b667be2b5002068c3c5d21ecb9d792876657550a0c9f720e069c6356
Static task
static1
Behavioral task
behavioral1
Sample
b75e7348_by_Libranalysis.dll
Resource
win7v20210410
Malware Config
Extracted
danabot
1827
22
198.211.116.98:443
165.227.38.61:443
8.208.9.104:443
134.209.237.20:443
-
embedded_hash
F0CDE8332809AAECCF99C00772B539AB
Targets
-
-
Target
b75e7348_by_Libranalysis
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-