General
-
Target
dabbb26142632eba9e737eca407d18de6c5866f7296ac13cfa184bb4df7c995b
-
Size
1.8MB
-
Sample
211231-mwv54afcgm
-
MD5
50f596ea769c127ae280cc12df1d62c1
-
SHA1
27e7ee8c39b67fee9eaa72281d2bd04229c069e0
-
SHA256
dabbb26142632eba9e737eca407d18de6c5866f7296ac13cfa184bb4df7c995b
-
SHA512
e303a546947fbf40df1563ec18907f5bf2202d740677c957f6c0eeb1cf4b7ac38634b1687899357ee0da65a81fbebfbd67b54d84d720824af1c76660459de350
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
dabbb26142632eba9e737eca407d18de6c5866f7296ac13cfa184bb4df7c995b
-
Size
1.8MB
-
MD5
50f596ea769c127ae280cc12df1d62c1
-
SHA1
27e7ee8c39b67fee9eaa72281d2bd04229c069e0
-
SHA256
dabbb26142632eba9e737eca407d18de6c5866f7296ac13cfa184bb4df7c995b
-
SHA512
e303a546947fbf40df1563ec18907f5bf2202d740677c957f6c0eeb1cf4b7ac38634b1687899357ee0da65a81fbebfbd67b54d84d720824af1c76660459de350
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-