General
-
Target
41cccc3e600c2e17f48be777c6803bc54cd33c5f2afbcba75c79e40e786df690
-
Size
1.8MB
-
Sample
220101-lzglfaheg9
-
MD5
9730790ac74d2cb52f6c378d532acec6
-
SHA1
83dff400e598997f10f77e867bc16019fd150799
-
SHA256
41cccc3e600c2e17f48be777c6803bc54cd33c5f2afbcba75c79e40e786df690
-
SHA512
9c1fb4d54f8782665e1ad9e604c424910b213455177da113304074f9cbb923688fcd75113b9d83d1019729df635ac7f5c7c535a30242bc97f2da888415097f11
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
41cccc3e600c2e17f48be777c6803bc54cd33c5f2afbcba75c79e40e786df690
-
Size
1.8MB
-
MD5
9730790ac74d2cb52f6c378d532acec6
-
SHA1
83dff400e598997f10f77e867bc16019fd150799
-
SHA256
41cccc3e600c2e17f48be777c6803bc54cd33c5f2afbcba75c79e40e786df690
-
SHA512
9c1fb4d54f8782665e1ad9e604c424910b213455177da113304074f9cbb923688fcd75113b9d83d1019729df635ac7f5c7c535a30242bc97f2da888415097f11
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-