General
-
Target
45196ed615fd372c176cdf19f6482e0d5967da5d37758dbc14f356b9f23ab644
-
Size
1.4MB
-
Sample
220325-hy51vsgbdl
-
MD5
3574832b577757bec0da9deae80b04df
-
SHA1
d8148064a462543c6fc9a84534120c7fd2451599
-
SHA256
45196ed615fd372c176cdf19f6482e0d5967da5d37758dbc14f356b9f23ab644
-
SHA512
db755ea2edfb68389ac606a39ad7bcf6ffdd63d7d51af718216a849db03d11ca9fcf7b81d62f657e7e9a6f90f9f72adcc6c4b991cf9d4b5472fccff1eb1fa7e5
Static task
static1
Behavioral task
behavioral1
Sample
45196ed615fd372c176cdf19f6482e0d5967da5d37758dbc14f356b9f23ab644.vbs
Resource
win7-20220311-en
Malware Config
Extracted
danabot
1.5.78.29
71.61.197.13
128.43.39.106
68.164.114.181
243.7.235.34
185.92.222.238
192.71.249.51
42.180.72.123
159.159.89.172
135.231.151.187
Targets
-
-
Target
45196ed615fd372c176cdf19f6482e0d5967da5d37758dbc14f356b9f23ab644
-
Size
1.4MB
-
MD5
3574832b577757bec0da9deae80b04df
-
SHA1
d8148064a462543c6fc9a84534120c7fd2451599
-
SHA256
45196ed615fd372c176cdf19f6482e0d5967da5d37758dbc14f356b9f23ab644
-
SHA512
db755ea2edfb68389ac606a39ad7bcf6ffdd63d7d51af718216a849db03d11ca9fcf7b81d62f657e7e9a6f90f9f72adcc6c4b991cf9d4b5472fccff1eb1fa7e5
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-