General
-
Target
e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f
-
Size
1.3MB
-
Sample
220420-k52ccsedf3
-
MD5
9a6daf1dd79a5b780136e3c21acf6a8b
-
SHA1
8db287888a361391e501cf05f7958c09f75a90c4
-
SHA256
e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f
-
SHA512
edf2e1b385541b9a26059f0ca5cb92c67533e75c96d653c67bdb48912aca7b0d65b83680ad94b1c380dc422a55274251c6384079a30dc34c5c7e51cb79a9ebae
Static task
static1
Behavioral task
behavioral1
Sample
e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f.vbs
Resource
win7-20220414-en
Malware Config
Extracted
danabot
1.5.78.29
71.61.197.13
128.43.39.106
68.164.114.181
243.7.235.34
185.92.222.238
192.71.249.51
42.180.72.123
159.159.89.172
135.231.151.187
Targets
-
-
Target
e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f
-
Size
1.3MB
-
MD5
9a6daf1dd79a5b780136e3c21acf6a8b
-
SHA1
8db287888a361391e501cf05f7958c09f75a90c4
-
SHA256
e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f
-
SHA512
edf2e1b385541b9a26059f0ca5cb92c67533e75c96d653c67bdb48912aca7b0d65b83680ad94b1c380dc422a55274251c6384079a30dc34c5c7e51cb79a9ebae
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-