General
Target: 35d278a878404e369a633866c11ac1ad98f044f09310c14e002c97600baa0118
Size: 1.8MB
Sample: 220101-ha9zxahdh4
MD5: 8712ff33ec6bce3c41f05542eeed94b5
SHA1: 9a619af0c19796c45bec3b46e8cbd14fbbe255fd
SHA256: 35d278a878404e369a633866c11ac1ad98f044f09310c14e002c97600baa0118
SHA512: 8aa2c87c7df55472c19b9e5ba834bfa62c3403b7dec58bad6cd1ba04a345220a237dcb1f385889bd233b44d6bd6ad91fccb1a23f65d957426147cd2c05b72d53
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
embedded_hash: 0FA95F120D6EB149A5D48E36BC76879D
type: loader
Targets
Target: 35d278a878404e369a633866c11ac1ad98f044f09310c14e002c97600baa0118
- Danabot Loader Component
- Suspicious use of NtCreateProcessExOtherParentProcess
- Loads dropped DLL