General
-
Target
951b94f3bb2bf01cf26d5b55dbc6a7a21864bc552c649a9750fc67076276e2b1
-
Size
1.8MB
-
Sample
211125-t62h7abbd6
-
MD5
a950ef033197897455d5fb2bbedd6f0d
-
SHA1
7b5162ff77988cc82c316d8409dc8084f6713efb
-
SHA256
951b94f3bb2bf01cf26d5b55dbc6a7a21864bc552c649a9750fc67076276e2b1
-
SHA512
199e60ae2a77b4dfdbba3dd45ad670442040812865ee8775fa0402a372bee25dbfc564056e7da9ddf4a8b78571a482b09fc20bb626f3de80cda2b42912a0ea68
Static task
static1
Malware Config
Extracted
danabot
142.11.244.223:443
23.106.122.139:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
951b94f3bb2bf01cf26d5b55dbc6a7a21864bc552c649a9750fc67076276e2b1
-
Size
1.8MB
-
MD5
a950ef033197897455d5fb2bbedd6f0d
-
SHA1
7b5162ff77988cc82c316d8409dc8084f6713efb
-
SHA256
951b94f3bb2bf01cf26d5b55dbc6a7a21864bc552c649a9750fc67076276e2b1
-
SHA512
199e60ae2a77b4dfdbba3dd45ad670442040812865ee8775fa0402a372bee25dbfc564056e7da9ddf4a8b78571a482b09fc20bb626f3de80cda2b42912a0ea68
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-