General
-
Target
1308238442963ab9ee5042b1ab232449ed45a69c8de0f0905d3e38eccaa35ad5
-
Size
1.8MB
-
Sample
211231-g95nssgfd3
-
MD5
ca8a5eac2f00bea71950314d09880ec0
-
SHA1
1359342d439052e5b6a06570ce5548f84d4eeb41
-
SHA256
1308238442963ab9ee5042b1ab232449ed45a69c8de0f0905d3e38eccaa35ad5
-
SHA512
53ca5355e84f0ae556578a8e2d9d961f2da64575693ee458dd8a91c683921854f657333fc6f9a039816542d2e04fb7e72498c5c44a051a6ca24282d4e9e867c6
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
1308238442963ab9ee5042b1ab232449ed45a69c8de0f0905d3e38eccaa35ad5
-
Size
1.8MB
-
MD5
ca8a5eac2f00bea71950314d09880ec0
-
SHA1
1359342d439052e5b6a06570ce5548f84d4eeb41
-
SHA256
1308238442963ab9ee5042b1ab232449ed45a69c8de0f0905d3e38eccaa35ad5
-
SHA512
53ca5355e84f0ae556578a8e2d9d961f2da64575693ee458dd8a91c683921854f657333fc6f9a039816542d2e04fb7e72498c5c44a051a6ca24282d4e9e867c6
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-