General
Target: 862ab7c6ca8b557e5ae40614bcb4ebd5a71226dead325af4b29ab05e7380ea1b
Size: 1.8MB
Sample: 211230-gfbtmafeg8
MD5: 7a4c44e17bf25675a9f8651c4ff009e8
SHA1: 0e02e734661420a5cfc161ee8e956733f37046ab
SHA256: 862ab7c6ca8b557e5ae40614bcb4ebd5a71226dead325af4b29ab05e7380ea1b
SHA512: 7067cbf9bd833c480773bd415b8ae61615135f62c46e276ca8d86453c24bc4d58007593c5947fb93abe0131077bb214c510536f28871287da47f4830eb8c068b
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
embedded_hash: 0FA95F120D6EB149A5D48E36BC76879D
type: loader
Targets
Suspicious use of NtCreateProcessExOtherParentProcess
Loads dropped DLL