General
Target: e23a34dd54d502d5dc84ac2c7058f286f43d8c8e88d0b2f92dbf4c11bae17674
Size: 1.8MB
Sample: 220106-fgdtyabchr
MD5: 5107c126d077612e44bea786bc084e6a
SHA1: 3a4e070a414db63989fa94461fe4c681edfdcf11
SHA256: e23a34dd54d502d5dc84ac2c7058f286f43d8c8e88d0b2f92dbf4c11bae17674
SHA512: 75237473e86e64fbb39f4946d54eaa4ba600d84426235045e45349cb6396663963448cb1aa2ace75cab2cb830013c8972b7d59bdba8bddf3dfcf7c6cc98477e7
Static task
static1
Malware Config
Extracted
danabot
4
142.11.244.223:443
192.236.194.72:443
embedded_hash: 0FA95F120D6EB149A5D48E36BC76879D
type: loader
Targets
Target: e23a34dd54d502d5dc84ac2c7058f286f43d8c8e88d0b2f92dbf4c11bae17674
Danabot Loader Component
Suspicious use of NtCreateProcessExOtherParentProcess
Loads dropped DLL