General
-
Target
c7fd225c74c98215f0105ed20c8adee8
-
Size
6.1MB
-
Sample
210611-8yd68qlrma
-
MD5
c7fd225c74c98215f0105ed20c8adee8
-
SHA1
8c9a8ee7173125db25a35a04451d186db98d5cb9
-
SHA256
08bb07f4182f8cc6c6460af9f9e268e0fb6323a2227388c42d06d801201f767d
-
SHA512
7a3e5a4b91ce2c4ca25bf4f57d4a8c7c3f8d1130089d779892a4654e38f795efeeede8ab1a28ac131bd4d15aa76104ff681b012d18b3f81056f58994fe82bf77
Static task
static1
Behavioral task
behavioral1
Sample
c7fd225c74c98215f0105ed20c8adee8.exe
Resource
win7v20210410
Malware Config
Extracted
danabot
1827
3
192.210.198.12:443
37.220.31.50:443
184.95.51.183:443
184.95.51.175:443
-
embedded_hash
410EB249B3A3D8613B29638D583F7193
Targets
-
-
Target
c7fd225c74c98215f0105ed20c8adee8
-
Size
6.1MB
-
MD5
c7fd225c74c98215f0105ed20c8adee8
-
SHA1
8c9a8ee7173125db25a35a04451d186db98d5cb9
-
SHA256
08bb07f4182f8cc6c6460af9f9e268e0fb6323a2227388c42d06d801201f767d
-
SHA512
7a3e5a4b91ce2c4ca25bf4f57d4a8c7c3f8d1130089d779892a4654e38f795efeeede8ab1a28ac131bd4d15aa76104ff681b012d18b3f81056f58994fe82bf77
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-