General
-
Target
69e0603bc5aabcf9ed60c2ed34e96b5464fc13c89585fb7478aa053aed3f0138
-
Size
948KB
-
Sample
220205-r299escfbk
-
MD5
fc6c2250c3b97d7f45aa288929a015b6
-
SHA1
d5c2168845918ec63056ded0664d5b3a4891b14b
-
SHA256
69e0603bc5aabcf9ed60c2ed34e96b5464fc13c89585fb7478aa053aed3f0138
-
SHA512
bfaa967390210bd0cc6c0e97cac369bc7519bc540e71e39ed2bf6da87da8d8d2508c697dcb471756cb1e8e4df2e4eafafd5705d493968d11a67827a7dbbb25be
Static task
static1
Behavioral task
behavioral1
Sample
69e0603bc5aabcf9ed60c2ed34e96b5464fc13c89585fb7478aa053aed3f0138.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
69e0603bc5aabcf9ed60c2ed34e96b5464fc13c89585fb7478aa053aed3f0138.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
danabot
5.61.58.130
2.56.213.39
2.56.212.4
5.61.56.192
Targets
-
-
Target
69e0603bc5aabcf9ed60c2ed34e96b5464fc13c89585fb7478aa053aed3f0138
-
Size
948KB
-
MD5
fc6c2250c3b97d7f45aa288929a015b6
-
SHA1
d5c2168845918ec63056ded0664d5b3a4891b14b
-
SHA256
69e0603bc5aabcf9ed60c2ed34e96b5464fc13c89585fb7478aa053aed3f0138
-
SHA512
bfaa967390210bd0cc6c0e97cac369bc7519bc540e71e39ed2bf6da87da8d8d2508c697dcb471756cb1e8e4df2e4eafafd5705d493968d11a67827a7dbbb25be
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-