General
-
Target
de32c73a7131f8526801ece12b862faaee462e136a2c86a333a480eadf965f21
-
Size
1.8MB
-
Sample
211231-kyly4afcbm
-
MD5
50e1f771b5024ddc9c8bac99c94a3107
-
SHA1
234ac8b43f46101ec5b2e918f4ee0a31bd415b03
-
SHA256
de32c73a7131f8526801ece12b862faaee462e136a2c86a333a480eadf965f21
-
SHA512
46a08c88b81411a1069587ca2c5311db3b3e5c7a7025fe92897e505a6f7304c532612b1dd9a1b98138cae9116957ead448b6fc04b1899e6ecc9804722a3da197
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
de32c73a7131f8526801ece12b862faaee462e136a2c86a333a480eadf965f21
-
Size
1.8MB
-
MD5
50e1f771b5024ddc9c8bac99c94a3107
-
SHA1
234ac8b43f46101ec5b2e918f4ee0a31bd415b03
-
SHA256
de32c73a7131f8526801ece12b862faaee462e136a2c86a333a480eadf965f21
-
SHA512
46a08c88b81411a1069587ca2c5311db3b3e5c7a7025fe92897e505a6f7304c532612b1dd9a1b98138cae9116957ead448b6fc04b1899e6ecc9804722a3da197
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-