General
-
Target
f7a256bf58cc242cd34bdfa710febc15aa9991824124b4a42ff7196cbc92db77
-
Size
3.7MB
-
Sample
220319-nlcrfagggq
-
MD5
84089cd89e88deb295ef14f03796bba5
-
SHA1
03db542899d89cccd873143ab00cd43039318fbe
-
SHA256
f7a256bf58cc242cd34bdfa710febc15aa9991824124b4a42ff7196cbc92db77
-
SHA512
c76b1160a1413c63c37ab065c249dcbd3f3fe8b10b45b2084eaeb676574673dac41e17a0cc0dd643b400ef4f953d19fe209b36310fc406834ba92aabe90682b9
Static task
static1
Behavioral task
behavioral1
Sample
f7a256bf58cc242cd34bdfa710febc15aa9991824124b4a42ff7196cbc92db77.dll
Resource
win7-20220311-en
Malware Config
Extracted
danabot
1732
3
23.106.123.249:443
51.195.73.129:443
167.114.188.38:443
23.226.132.92:443
-
embedded_hash
E1D3580C52F82AF2B3596E20FB85D9F4
-
type
main
Targets
-
Target
f7a256bf58cc242cd34bdfa710febc15aa9991824124b4a42ff7196cbc92db77
-
suricata: ET MALWARE Danabot Key Exchange Request
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-