General
-
Target
8b6a756e9770c6d6a1ce8b290920b05e9854a9cc43baa40de4cdb7b5dc62d62e
-
Size
1.9MB
-
Sample
211230-rzjzfseebm
-
MD5
5671fa693a4cc5de59ad3bc915150d04
-
SHA1
28a8c9a2a1226b5d7aedef9065d9ddc310b1f33e
-
SHA256
8b6a756e9770c6d6a1ce8b290920b05e9854a9cc43baa40de4cdb7b5dc62d62e
-
SHA512
fbe4ec24244b5005272df627580b51f2df9895c0b368de7f6d91e080d011f4139866a556cc74efebb9f8d44ad354e87bda12ebe08072a60ab09428f6dc6587a2
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
Target
8b6a756e9770c6d6a1ce8b290920b05e9854a9cc43baa40de4cdb7b5dc62d62e
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-