General
-
Target
2d381d142939000d2ad67fac59016d555c542263a500289f6defdfffbd6e172a
-
Size
1.8MB
-
Sample
211227-mc4m5abahn
-
MD5
1df47174147fa61b7e75652151bd8643
-
SHA1
5e593bb3f4200914565ff918e2a0c3ba03920f93
-
SHA256
2d381d142939000d2ad67fac59016d555c542263a500289f6defdfffbd6e172a
-
SHA512
01075e688d0ec328891ad4f03bf324a60e14b082b5eaf509393f393ca34ee1a35e15ee6b994343875a364fd5d8081d5310ea65d9c835bc3610a91c1168c6120e
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
2d381d142939000d2ad67fac59016d555c542263a500289f6defdfffbd6e172a
-
Size
1.8MB
-
MD5
1df47174147fa61b7e75652151bd8643
-
SHA1
5e593bb3f4200914565ff918e2a0c3ba03920f93
-
SHA256
2d381d142939000d2ad67fac59016d555c542263a500289f6defdfffbd6e172a
-
SHA512
01075e688d0ec328891ad4f03bf324a60e14b082b5eaf509393f393ca34ee1a35e15ee6b994343875a364fd5d8081d5310ea65d9c835bc3610a91c1168c6120e
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-