General
-
Target
1d2932dcf2391adcd5385700b14b4d59d7a319037fe72a9054bdac51c92cfae4
-
Size
1.1MB
-
Sample
211021-m32w8aabg6
-
MD5
44ea4215c9e6d9f71d3dd64fcfd45d1f
-
SHA1
51c5173979f2c481403af71ef8e7d3137f23aaae
-
SHA256
1d2932dcf2391adcd5385700b14b4d59d7a319037fe72a9054bdac51c92cfae4
-
SHA512
2164f6185ea28a823431db68afc450283c338325aae32a9b862640983e8882d368a5bf977157c3a48c541882e807cfdb65d5ec78f5fc2a54a9d499f4f942565c
Static task
static1
Malware Config
Extracted
danabot
192.119.110.73:443
192.236.147.159:443
192.210.222.88:443
-
embedded_hash
F4711E27D559B4AEB1A081A1EB0AC465
-
type
loader
Extracted
danabot
2052
4
192.119.110.73:443
192.236.147.159:443
192.210.222.88:443
-
embedded_hash
F4711E27D559B4AEB1A081A1EB0AC465
-
type
main
Targets
-
-
Target
1d2932dcf2391adcd5385700b14b4d59d7a319037fe72a9054bdac51c92cfae4
-
Danabot Loader Component
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-