General
-
Target
bb73e798af4ed96af01717646d0ca442a35d3945304cae6d2aae357783dc3a9e
-
Size
1.8MB
-
Sample
220106-aadygabber
-
MD5
c092859a2a92b7681c0d61f61567b5e5
-
SHA1
b3d065b9a5d8bedcef7f9af9e901f88312a32e52
-
SHA256
bb73e798af4ed96af01717646d0ca442a35d3945304cae6d2aae357783dc3a9e
-
SHA512
76d94b91e698f60a36db7e58f4754995e52cbde3852bac33e62beb9a9f8453fa21d4ae22ec0e055deecca1444dc476634cf000cb784216746b9692299246b87e
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
bb73e798af4ed96af01717646d0ca442a35d3945304cae6d2aae357783dc3a9e
-
Danabot Loader Component
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-