General
Target: c8f5419bb3e41ccd13060b58cd47cc0ed501271e8c8ea3bb0dd699aa28cf8795
Size: 1.8MB
Sample: 220101-etfnmahdd9
MD5: 86f2966e3a8e679b1a323e5dbcdc543a
SHA1: 7658028ee7bc7e393ba599ee951b13e2c4ce1c08
SHA256: c8f5419bb3e41ccd13060b58cd47cc0ed501271e8c8ea3bb0dd699aa28cf8795
SHA512: a6d411fe695923ec34e4ec2c6fd7d61d50c9f59ef873af3117395295f05cf87a0455e58d0e1bbac4736a2c61ea3f42165f1a86fed1bf67c92b2756980b90ed98
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
embedded_hash: 0FA95F120D6EB149A5D48E36BC76879D
type: loader
Targets
Target: c8f5419bb3e41ccd13060b58cd47cc0ed501271e8c8ea3bb0dd699aa28cf8795
Danabot Loader Component
Suspicious use of NtCreateProcessExOtherParentProcess
Loads dropped DLL