General
-
Target
14d1b1a276cc2ca724d2ad6eeb0d9090c456a3aa11ac80f977911496b3123a91
-
Size
1.1MB
-
Sample
220205-xpws6aeea2
-
MD5
875071870de4fad3639b04a6b7f3f3fb
-
SHA1
f5b01b158aabbb104e53e6f4dc76a77b6a928848
-
SHA256
14d1b1a276cc2ca724d2ad6eeb0d9090c456a3aa11ac80f977911496b3123a91
-
SHA512
d79c173ae40880505d0d80ac638a973f05b2ee93bbfd910b79e4463bbc32a7a6d3bf023394a678ef56e7c831c8a7a629b5d4740d83d14c62d4b7a1b4a53b596e
Behavioral task
behavioral1
Sample
14d1b1a276cc2ca724d2ad6eeb0d9090c456a3aa11ac80f977911496b3123a91.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
14d1b1a276cc2ca724d2ad6eeb0d9090c456a3aa11ac80f977911496b3123a91.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
danabot
64.188.12.140
64.188.19.39
151.106.53.109
172.245.247.101
185.136.167.142
242.61.5.230
184.74.28.43
118.227.95.92
37.240.137.117
185.181.8.49
Targets
-
-
Target
14d1b1a276cc2ca724d2ad6eeb0d9090c456a3aa11ac80f977911496b3123a91
-
Size
1.1MB
-
MD5
875071870de4fad3639b04a6b7f3f3fb
-
SHA1
f5b01b158aabbb104e53e6f4dc76a77b6a928848
-
SHA256
14d1b1a276cc2ca724d2ad6eeb0d9090c456a3aa11ac80f977911496b3123a91
-
SHA512
d79c173ae40880505d0d80ac638a973f05b2ee93bbfd910b79e4463bbc32a7a6d3bf023394a678ef56e7c831c8a7a629b5d4740d83d14c62d4b7a1b4a53b596e
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Blocklisted process makes network request
-