General
-
Target
4b9d0eec327ee2422af8e720fc33dee3.dll
-
Size
1.3MB
-
Sample
220413-yr36paffgk
-
MD5
4b9d0eec327ee2422af8e720fc33dee3
-
SHA1
adf9c54bcc31cdc45ceea8bc8ade56e55de71121
-
SHA256
b6e2dcddf2c2b5ed16db6c0d63ddd9aee550666e347c6aabb9e278fd839ae240
-
SHA512
76f61870911a41f7b9f0aa5bd0662c32ea9fe6fa0dc23b97a7f5f1e9cd387de544b1197cf39117a70f139fda43a73ec543b3a75b7cb6b7d12b68dcacdeafedec
Behavioral task
behavioral1
Sample
4b9d0eec327ee2422af8e720fc33dee3.dll
Resource
win7-20220331-en
Malware Config
Extracted
danabot
4
104.168.148.6:443
5.9.224.204:443
192.210.222.81:443
23.229.29.48:443
-
embedded_hash
0E1A7A1479C37094441FA911262B322A
-
type
loader
Targets
-
-
Target
4b9d0eec327ee2422af8e720fc33dee3.dll
-
suricata: ET MALWARE Danabot Key Exchange Request
-
Blocklisted process makes network request
-