General
-
Target
b5197c3bf67da872ba9d0b7366367c45790c4d5cc7be8b8109acee8d7f1152d8
-
Size
3.7MB
-
Sample
220326-1gefpahfg5
-
MD5
8ae60d14802fac0d5d8ddf4ab4e64cfd
-
SHA1
f8023b26304a891897b57c10a1d0bdec4f9c0d6a
-
SHA256
b5197c3bf67da872ba9d0b7366367c45790c4d5cc7be8b8109acee8d7f1152d8
-
SHA512
1201a79794c7e50c3ed09c917a323bd43146a4b7c9884ccc522ab8d89abb2c893ad1f2ea683acdfa724793da764c62673a7809a95feec6c8e05a4e055e06b677
Static task
static1
Behavioral task
behavioral1
Sample
b5197c3bf67da872ba9d0b7366367c45790c4d5cc7be8b8109acee8d7f1152d8.dll
Resource
win7-20220311-en
Malware Config
Extracted
danabot
1732
3
104.227.34.227:443
64.188.20.187:443
51.195.73.129:443
176.123.2.249:443
-
embedded_hash
6266E79288DFE2AE2C2DB47563C7F93A
-
type
main
Targets
-
-
Target
b5197c3bf67da872ba9d0b7366367c45790c4d5cc7be8b8109acee8d7f1152d8
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-