General
Target: SecuriteInfo.com.W32.AIDetect.malware2.25613.13438
Size: 1.1MB
Sample: 210723-7dba5z9xbe
MD5: ff776b2fb6736075adfcb1739a180491
SHA1: 1c5cb0eb48f441d8493f7c5f6428d7af8c1c9abb
SHA256: ef6fc7bf417d763f9c7c8c9bf723ce7d3b4acbeb4cc47e65bcb3d6b8f143fee2
SHA512: 58fe0bb6f3dcda9831332d0dfcd0d5a92d58ed1107a3d246c4b092be384535be0d1d33ca9728b6944be171e3fa62663608e27ca7834a725b6ca9f81fcba853c7
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.W32.AIDetect.malware2.25613.13438.exe
Resource: win7v20210410
Malware Config
Extracted
danabot
1987
4
142.11.244.124:443
142.11.206.50:443
embedded_hash: 6AD9FE4F9E491E785665E0D144F61DAB
Targets
Target: SecuriteInfo.com.W32.AIDetect.malware2.25613.13438
Blocklisted process makes network request
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext