General
-
Target
d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
-
Size
983KB
-
Sample
220205-lhn9ysaac4
-
MD5
2cc2e2d04b19ae5e2ec44a6ad1659032
-
SHA1
446c7ef75794b80370310566c0a8a4a63492e1d9
-
SHA256
d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
-
SHA512
1bd01c404206499d17ca326eded8daf1125df868a82c3e54a4db064b58c73f7a6825845530bff062e58495c83f1d40efc481f970b7b60d0fe36c02a6e5e1ff26
Static task
static1
Behavioral task
behavioral1
Sample
d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
danabot
5.61.58.130
2.56.213.39
2.56.212.4
5.61.56.192
Targets
-
-
Target
d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
-
Size
983KB
-
MD5
2cc2e2d04b19ae5e2ec44a6ad1659032
-
SHA1
446c7ef75794b80370310566c0a8a4a63492e1d9
-
SHA256
d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
-
SHA512
1bd01c404206499d17ca326eded8daf1125df868a82c3e54a4db064b58c73f7a6825845530bff062e58495c83f1d40efc481f970b7b60d0fe36c02a6e5e1ff26
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-