General
-
Target
717de3c8e1b6b501e2d3ffc800b321ee.exe
-
Size
6.0MB
-
Sample
210609-2ske7hl8ca
-
MD5
717de3c8e1b6b501e2d3ffc800b321ee
-
SHA1
3a7fbe5e21386d32febfa1cffd37b6262653f46e
-
SHA256
116a1e6834de8a94ce8d5c74369d59432dae59e04a09a5d517c7eb3f367e9a64
-
SHA512
3e0c6c264fe6c8f24bf670bc3a40943bc0015c8fbdd64e566e476bb77a86949469859e59009725ecaa7ba4aa02476c991f5011d903621678533df201e61ffb9f
Static task
static1
Behavioral task
behavioral1
Sample
717de3c8e1b6b501e2d3ffc800b321ee.exe
Resource
win7v20210410
Malware Config
Extracted
danabot
1827
3
184.95.51.183:443
184.95.51.175:443
192.210.198.12:443
184.95.51.180:443
-
embedded_hash
AEF96B4D339B580ABB737F203C2D0F52
Targets
-
-
Target
717de3c8e1b6b501e2d3ffc800b321ee.exe
-
Size
6.0MB
-
MD5
717de3c8e1b6b501e2d3ffc800b321ee
-
SHA1
3a7fbe5e21386d32febfa1cffd37b6262653f46e
-
SHA256
116a1e6834de8a94ce8d5c74369d59432dae59e04a09a5d517c7eb3f367e9a64
-
SHA512
3e0c6c264fe6c8f24bf670bc3a40943bc0015c8fbdd64e566e476bb77a86949469859e59009725ecaa7ba4aa02476c991f5011d903621678533df201e61ffb9f
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-