General
-
Target
17b7e69175169a06f1376ada53b70a77accbc30a5f7b3cec32e3fe8e9285eb86
-
Size
1.8MB
-
Sample
220101-aq6cnafger
-
MD5
cb22039f60d3a5edb829a1983ca19b96
-
SHA1
f85c805b015cb885021436e406e14b6c936d1c26
-
SHA256
17b7e69175169a06f1376ada53b70a77accbc30a5f7b3cec32e3fe8e9285eb86
-
SHA512
c0787124e7131f54064cc8a9a1d9fbafdc1e92cd7ac15defcbb45492801d04d3fa9d4d1b8c0b7550500bc9b154b3b479e66bfa79a1425654ba8fc410c87bf08b
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
17b7e69175169a06f1376ada53b70a77accbc30a5f7b3cec32e3fe8e9285eb86
-
Size
1.8MB
-
MD5
cb22039f60d3a5edb829a1983ca19b96
-
SHA1
f85c805b015cb885021436e406e14b6c936d1c26
-
SHA256
17b7e69175169a06f1376ada53b70a77accbc30a5f7b3cec32e3fe8e9285eb86
-
SHA512
c0787124e7131f54064cc8a9a1d9fbafdc1e92cd7ac15defcbb45492801d04d3fa9d4d1b8c0b7550500bc9b154b3b479e66bfa79a1425654ba8fc410c87bf08b
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-