General
-
Target
9e4a64c4fa6e39c031f18cfcd311b6aed33b8f9b10c889b269a3aa632660939a
-
Size
3.7MB
-
Sample
220319-nlfhbsgge7
-
MD5
b6995dfce95739d32e89823d511a1f88
-
SHA1
be65ab3e8131596c5dbad4ad0a28d2812c32b247
-
SHA256
9e4a64c4fa6e39c031f18cfcd311b6aed33b8f9b10c889b269a3aa632660939a
-
SHA512
ed4b5b6027b7d5ab1095dd38bbdb7cdfde816b659a018d82b03089ff5f918779e56fdd719eda95cf21ac899f1dfbaf004d2ea9286535e874c4fd7c5bf826264f
Static task
static1
Behavioral task
behavioral1
Sample
9e4a64c4fa6e39c031f18cfcd311b6aed33b8f9b10c889b269a3aa632660939a.dll
Resource
win7-20220311-en
Malware Config
Extracted
danabot
1732
3
167.114.188.38:443
23.254.118.230:443
51.195.73.129:443
-
embedded_hash
FDF53441EFF9FF204FC962CE9ECC819F
-
type
main
Targets
-
-
Target
9e4a64c4fa6e39c031f18cfcd311b6aed33b8f9b10c889b269a3aa632660939a
-
Size
3.7MB
-
MD5
b6995dfce95739d32e89823d511a1f88
-
SHA1
be65ab3e8131596c5dbad4ad0a28d2812c32b247
-
SHA256
9e4a64c4fa6e39c031f18cfcd311b6aed33b8f9b10c889b269a3aa632660939a
-
SHA512
ed4b5b6027b7d5ab1095dd38bbdb7cdfde816b659a018d82b03089ff5f918779e56fdd719eda95cf21ac899f1dfbaf004d2ea9286535e874c4fd7c5bf826264f
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-