General
Target: 207b359762880022069a8fbfba1965df.exe
Size: 6.0MB
Sample: 210602-tnmdcx31ax
MD5: 207b359762880022069a8fbfba1965df
SHA1: ea6ff70cc95b9c2bce720f29d6a308df757b777d
SHA256: f8fd37362ec6f9a22a0aea994b4e9498247629b121ebd2c69a9864dbadab51ea
SHA512: 7ca048b02fec1eac842b0e48284f177c0059645d04facc6c938ea54f1bc216b643aef6be3ebfbcf5e470251d9fdd65c676eb0dab6b2e3a7a58a4066f064279db
Static task
static1
Behavioral task
behavioral1
Sample
207b359762880022069a8fbfba1965df.exe
Resource
win7v20210410
Malware Config
Extracted
danabot
1827
3
184.95.51.183:443
184.95.51.175:443
192.210.198.12:443
184.95.51.180:443
embedded_hash: AEF96B4D339B580ABB737F203C2D0F52
Targets
Target
207b359762880022069a8fbfba1965df.exe
Blocklisted process makes network request
Deletes itself
Loads dropped DLL
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops desktop.ini file(s)