General
Target: 3f30c5064fed27ef6a1282a1d5be512a4c60d5f48a1b7a0de53236161c2928f3
Size: 1.8MB
Sample: 211230-hak1saebem
MD5: 6a850db0764a6176a1a09183dea24908
SHA1: 6450f42fc20cc97e167e597f6f223cc590c84239
SHA256: 3f30c5064fed27ef6a1282a1d5be512a4c60d5f48a1b7a0de53236161c2928f3
SHA512: 7326399ace627bcef3370d68470864c5737770665efba277e07680e71c195e15f4b8e16150210e019aa6cc5943210b545600b7744eea1b2e13771849871fb37b
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
embedded_hash: 0FA95F120D6EB149A5D48E36BC76879D
type: loader
Targets
Target: 3f30c5064fed27ef6a1282a1d5be512a4c60d5f48a1b7a0de53236161c2928f3
Suspicious use of NtCreateProcessExOtherParentProcess
Loads dropped DLL