General
-
Target
6d67dbc0cd83057d120ffb5547c10747fbce1919c5d15c4703604bedc25992b3
-
Size
1.8MB
-
Sample
211230-lnwk8aecfm
-
MD5
a15cc75a5b0d7488ba9164baf16c8387
-
SHA1
c0415421b35d3d1f6ea38bdf31e404051a57e7e3
-
SHA256
6d67dbc0cd83057d120ffb5547c10747fbce1919c5d15c4703604bedc25992b3
-
SHA512
f1332af987f88e5cf29b69ad72872e778c756491e25f572665480df80b304da98c5a6eb1bf4d459634bd93fc13958b32b6dbc6d0b9364920bf195269fc00edbf
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
6d67dbc0cd83057d120ffb5547c10747fbce1919c5d15c4703604bedc25992b3
-
Size
1.8MB
-
MD5
a15cc75a5b0d7488ba9164baf16c8387
-
SHA1
c0415421b35d3d1f6ea38bdf31e404051a57e7e3
-
SHA256
6d67dbc0cd83057d120ffb5547c10747fbce1919c5d15c4703604bedc25992b3
-
SHA512
f1332af987f88e5cf29b69ad72872e778c756491e25f572665480df80b304da98c5a6eb1bf4d459634bd93fc13958b32b6dbc6d0b9364920bf195269fc00edbf
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-