General
-
Target
bc91ae20933a3e6607d8891bbcfca332.exe
-
Size
6.0MB
-
Sample
210612-mpzvjwzv4e
-
MD5
bc91ae20933a3e6607d8891bbcfca332
-
SHA1
bf48801924d51878a908b69de23897a28bf474ee
-
SHA256
4b97736ce9304016dbfeb4a508f27917214899717df3578ef74813e73b283ffe
-
SHA512
f032c70c669a3d360551a9652acfedb62fc89def2b7afa98b8098d0e87b3e6b592bd21c523feb1deea6d14acde5563a64ad7ab1b06ac440bea7f65f48a3a47d2
Static task
static1
Behavioral task
behavioral1
Sample
bc91ae20933a3e6607d8891bbcfca332.exe
Resource
win7v20210410
Malware Config
Extracted
danabot
1827
3
192.210.198.12:443
37.220.31.50:443
184.95.51.183:443
184.95.51.175:443
-
embedded_hash
410EB249B3A3D8613B29638D583F7193
Targets
Target
bc91ae20933a3e6607d8891bbcfca332.exe
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-