General
-
Target
cbf6ec3abbfbaeea6e9df16abc8de508e4627244901348e1eed97fd8b866cb0b
-
Size
1.8MB
-
Sample
211230-3vve6sgdb8
-
MD5
1cd8fa2f60d14750a2977c0595a7953f
-
SHA1
08cd05689a1ac05d83316955f1ef677066ef750e
-
SHA256
cbf6ec3abbfbaeea6e9df16abc8de508e4627244901348e1eed97fd8b866cb0b
-
SHA512
0336bb2e1dd3cef785294f6481c18346e67c00d209c51f7b1c8b727e20b22d1b5266d836d236ddd49cf6e15298d30d0dfc92d2fb69dccf006f813f091ba59133
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
cbf6ec3abbfbaeea6e9df16abc8de508e4627244901348e1eed97fd8b866cb0b
-
Size
1.8MB
-
MD5
1cd8fa2f60d14750a2977c0595a7953f
-
SHA1
08cd05689a1ac05d83316955f1ef677066ef750e
-
SHA256
cbf6ec3abbfbaeea6e9df16abc8de508e4627244901348e1eed97fd8b866cb0b
-
SHA512
0336bb2e1dd3cef785294f6481c18346e67c00d209c51f7b1c8b727e20b22d1b5266d836d236ddd49cf6e15298d30d0dfc92d2fb69dccf006f813f091ba59133
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-