General
Target: 5cbcb1398960f8e1e70b82d01ae8e7e13bc0c4a7209373176ea8428b1355917a
Size: 1.8MB
Sample: 211230-3nkx6aehcq
MD5: 40a451beea9503dcd9e746f3862082ee
SHA1: ef31e7d120f71a0e61a0e878b496aff718da820d
SHA256: 5cbcb1398960f8e1e70b82d01ae8e7e13bc0c4a7209373176ea8428b1355917a
SHA512: f2f9e44e3970530bcee38ef5ab78623de02794ede2c8ffea1fbe08de98bc58113fcdd7945d4adc54ee84cd1647a1b406fcf53c8ad98228a0108ed2ce4109ca10
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
embedded_hash: 0FA95F120D6EB149A5D48E36BC76879D
type: loader
Targets
Danabot Loader Component
Suspicious use of NtCreateProcessExOtherParentProcess
Loads dropped DLL