General
Target: b9693dd3a41133797a72b338c0f5f578.exe
Size: 6.1MB
Sample: 210531-74rzsx4nqs
MD5: b9693dd3a41133797a72b338c0f5f578
SHA1: 8545b51a1eb4079b12239fd6c0cada0bff47104d
SHA256: 8c972df4aae05c578ee1a340f2d1024ee1bc37a5dcdb3a8c0e3b46f55bdb8a89
SHA512: d8c42f01505931e809c8e6ef5344f62d631acbda9c5f65649b466b49bb91b89a113c44482571f8e40e47e2acbd7d13fba66ab68df130d56b8186136b82223e40
Static task: static1
Behavioral task: behavioral1
Sample: b9693dd3a41133797a72b338c0f5f578.exe
Resource: win7v20210410
Malware Config
Extracted
danabot
1827
3
184.95.51.183:443
184.95.51.175:443
192.210.198.12:443
184.95.51.180:443
embedded_hash: AEF96B4D339B580ABB737F203C2D0F52
Targets
Target: b9693dd3a41133797a72b338c0f5f578.exe
- Blocklisted process makes network request
- Deletes itself
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops desktop.ini file(s)