General
-
Target
8d72a6f7a3815a3c786aa596cb7b2ba0a5253228343c154e9a32e9ab690cba33
-
Size
1MB
-
Sample
220101-2dcy5aaae8
-
MD5
8e33169905bd13e9036657eb3146d2ec
-
SHA1
e4626a48869d18ad4ad4a20edd7a60fa961dc0a1
-
SHA256
8d72a6f7a3815a3c786aa596cb7b2ba0a5253228343c154e9a32e9ab690cba33
-
SHA512
308cad35cdf485f90ff20fb8f4d831cad48328351e30aa6e274ddcb2ceabeb5dc6432fa44d1f8dd77709d9bd3e93edb70c69f9f12fefcb80fe82ad3a080e53b7
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
8d72a6f7a3815a3c786aa596cb7b2ba0a5253228343c154e9a32e9ab690cba33
-
Size
1MB
-
MD5
8e33169905bd13e9036657eb3146d2ec
-
SHA1
e4626a48869d18ad4ad4a20edd7a60fa961dc0a1
-
SHA256
8d72a6f7a3815a3c786aa596cb7b2ba0a5253228343c154e9a32e9ab690cba33
-
SHA512
308cad35cdf485f90ff20fb8f4d831cad48328351e30aa6e274ddcb2ceabeb5dc6432fa44d1f8dd77709d9bd3e93edb70c69f9f12fefcb80fe82ad3a080e53b7
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-