General
-
Target
2b53aa4ae25e0a2aa60b1f8094d0d4b1.exe
-
Size
6.0MB
-
Sample
210606-wp7h6w1cba
-
MD5
2b53aa4ae25e0a2aa60b1f8094d0d4b1
-
SHA1
07baf301c60c36b8f8f584bc0965e381116258ca
-
SHA256
f9a4b4cc955f9e3b1154a6f1d425732c5e8785afe6deacfaa378efb9825e9e53
-
SHA512
f618cca0245a29a79f40b9263d6705badb01efc33624912b659de68ac5eef051582296879a7d7a150ca98a1bd374237011580780d2b9130b69514eb4790a50f4
Static task
static1
Behavioral task
behavioral1
Sample
2b53aa4ae25e0a2aa60b1f8094d0d4b1.exe
Resource
win7v20210410
Malware Config
Extracted
danabot
1827
3
184.95.51.183:443
184.95.51.175:443
192.210.198.12:443
184.95.51.180:443
-
embedded_hash
AEF96B4D339B580ABB737F203C2D0F52
Targets
-
-
Target
2b53aa4ae25e0a2aa60b1f8094d0d4b1.exe
-
Size
6.0MB
-
MD5
2b53aa4ae25e0a2aa60b1f8094d0d4b1
-
SHA1
07baf301c60c36b8f8f584bc0965e381116258ca
-
SHA256
f9a4b4cc955f9e3b1154a6f1d425732c5e8785afe6deacfaa378efb9825e9e53
-
SHA512
f618cca0245a29a79f40b9263d6705badb01efc33624912b659de68ac5eef051582296879a7d7a150ca98a1bd374237011580780d2b9130b69514eb4790a50f4
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-