General
Target: fa036f4f21be4854f7bb2d7a3fc8cfb2.exe
Size: 1.0MB
Sample: 210720-v99wmzd2ya
MD5: fa036f4f21be4854f7bb2d7a3fc8cfb2
SHA1: b56d0a5c39fd1e31b9c5307a12cd6f2abea61fd1
SHA256: c38669f38d4b4f1e1d6881adfee332a4f5e8a1c62a630642100b340426e4e97a
SHA512: bdaff5c113e0249d309816ae18cb20bf3bff2a7c713fdd1058b7e6755b27a2cef4b8acdbb9fe0e5bd595376e0e78eae4bfb282ecde3fd6138f7390cd8cd929e1
Static task
static1
Behavioral task
behavioral1
Sample
fa036f4f21be4854f7bb2d7a3fc8cfb2.exe
Resource
win7v20210408
Malware Config
Extracted
danabot
1987
4
142.11.244.124:443
142.11.206.50:443
-
embedded_hash
6AD9FE4F9E491E785665E0D144F61DAB
Targets
-
-
Target
fa036f4f21be4854f7bb2d7a3fc8cfb2.exe
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-