General
-
Target
02010982384b103f65a50571438a50af2a052476f125ca94104e35388509cc9c
-
Size
1.8MB
-
Sample
220101-m59pvagagq
-
MD5
3e6c1567a65599742354dd6fd574ae59
-
SHA1
9b058892395733fe6b67817c47d34835167eac0d
-
SHA256
02010982384b103f65a50571438a50af2a052476f125ca94104e35388509cc9c
-
SHA512
a3cfeac0705dbd4ba79897d614a28025c30ecd20e1d8142ae1a4c389a10e22c78190f1b35d8aed3131d9fbc889d0fe79af8892ba475318f8e0b34d334eac6d6d
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
02010982384b103f65a50571438a50af2a052476f125ca94104e35388509cc9c
-
Size
1.8MB
-
MD5
3e6c1567a65599742354dd6fd574ae59
-
SHA1
9b058892395733fe6b67817c47d34835167eac0d
-
SHA256
02010982384b103f65a50571438a50af2a052476f125ca94104e35388509cc9c
-
SHA512
a3cfeac0705dbd4ba79897d614a28025c30ecd20e1d8142ae1a4c389a10e22c78190f1b35d8aed3131d9fbc889d0fe79af8892ba475318f8e0b34d334eac6d6d
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-