General
Target: 60DB5DE363585FCE685056CDE11796F4CADC79C861E39.exe
Size: 1MB
Sample: 220412-wct85aeder
MD5: 1323af5b087a2941e31817a98c035269
SHA1: 65e101144578c32a03614039e2e6b3c04900c98a
SHA256: 60db5de363585fce685056cde11796f4cadc79c861e39475ebd9bb2b9c6e8117
SHA512: 2b7172a93ebaf6cce4bcde08038dc8666c57d580724dc32e3e586483e345499ced915a76ddd435c7a3be858ea77a314033a30bf1bd6e57942cdab877290e81c1
Static task
static1
Behavioral task
behavioral1
Sample
60DB5DE363585FCE685056CDE11796F4CADC79C861E39.exe
Resource
win7-20220310-en
Malware Config
Extracted
danabot
4
192.236.161.79:443
192.236.146.39:443
37.220.31.27:443
embedded_hash: 7FF0AA10AB3BA961670646D23EAE3911
type: loader
Targets
Target
60DB5DE363585FCE685056CDE11796F4CADC79C861E39.exe
suricata: ET MALWARE Danabot Key Exchange Request
Blocklisted process makes network request
Loads dropped DLL