General
-
Target
52e7331a12483723eba706c51596a54c2a93231d67c7ce7b62893324c9ddabfc
-
Size
1.8MB
-
Sample
220101-wwbk5ahhd9
-
MD5
cb1e719b862e720d87e0382c52159efd
-
SHA1
968dc2cfec4b127b4d3303db08abc2b163b6b83f
-
SHA256
52e7331a12483723eba706c51596a54c2a93231d67c7ce7b62893324c9ddabfc
-
SHA512
499fdefd110132e504ad77a3448f88384e6432b9612d2acbbc8c08bd3bc2e6ccf2d39d9fad4de6c11ab7f4d18fac0b5ebfe98a5f050b9960a91be7ba973cbd7c
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
52e7331a12483723eba706c51596a54c2a93231d67c7ce7b62893324c9ddabfc
-
Size
1.8MB
-
MD5
cb1e719b862e720d87e0382c52159efd
-
SHA1
968dc2cfec4b127b4d3303db08abc2b163b6b83f
-
SHA256
52e7331a12483723eba706c51596a54c2a93231d67c7ce7b62893324c9ddabfc
-
SHA512
499fdefd110132e504ad77a3448f88384e6432b9612d2acbbc8c08bd3bc2e6ccf2d39d9fad4de6c11ab7f4d18fac0b5ebfe98a5f050b9960a91be7ba973cbd7c
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-