General
-
Target
f17d3dde9529a1087c2f54362bb88b2cdb809560ed69c45dbc2bd69f85abc551
-
Size
3.7MB
-
Sample
220319-wrvs7sfea3
-
MD5
061a227f79536203b16b2212bc49b166
-
SHA1
b3e2a59cc159fcf29c8c7d4651bfebc3e854d5cd
-
SHA256
f17d3dde9529a1087c2f54362bb88b2cdb809560ed69c45dbc2bd69f85abc551
-
SHA512
8921e37f2d351635a3b76ccfff8705fc3cfa60eec041ba68cc52e505565812ffed489ef86dbd935b683bf9e325fbe8f342a17f09a17c81521e69531747c35146
Static task
static1
Behavioral task
behavioral1
Sample
f17d3dde9529a1087c2f54362bb88b2cdb809560ed69c45dbc2bd69f85abc551.dll
Resource
win7-20220311-en
Malware Config
Extracted
danabot
1732
3
23.226.132.92:443
108.62.141.152:443
108.62.118.103:443
192.241.101.68:443
-
embedded_hash
49574F66CD0103BBD725C08A9805C2BE
-
type
main
Targets
-
-
Target
f17d3dde9529a1087c2f54362bb88b2cdb809560ed69c45dbc2bd69f85abc551
-
Size
3.7MB
-
MD5
061a227f79536203b16b2212bc49b166
-
SHA1
b3e2a59cc159fcf29c8c7d4651bfebc3e854d5cd
-
SHA256
f17d3dde9529a1087c2f54362bb88b2cdb809560ed69c45dbc2bd69f85abc551
-
SHA512
8921e37f2d351635a3b76ccfff8705fc3cfa60eec041ba68cc52e505565812ffed489ef86dbd935b683bf9e325fbe8f342a17f09a17c81521e69531747c35146
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-