General
-
Target
cb0a6515ebf78cceb86464ac829ea872eea726aa7b8e34b8b43e1f7f36791711
-
Size
1.4MB
-
Sample
220502-3c3ntscca8
-
MD5
c9510672ebc4fc0795a731a02d89fcc6
-
SHA1
1c7d106778171f2e0b54a0db69cbe5364e8f6fd5
-
SHA256
cb0a6515ebf78cceb86464ac829ea872eea726aa7b8e34b8b43e1f7f36791711
-
SHA512
8dee2bdad143a339074faf05a824983d722bd6b30cc9f9a4b8632ec277d87ee5edee77ec6d5713946681795165c105b570b6621313884e6eb7b1ac7d46dc7c33
Static task
static1
Behavioral task
behavioral1
Sample
cb0a6515ebf78cceb86464ac829ea872eea726aa7b8e34b8b43e1f7f36791711.vbs
Resource
win7-20220414-en
Malware Config
Extracted
danabot
1.5.78.29
71.61.197.13
128.43.39.106
68.164.114.181
243.7.235.34
185.92.222.238
192.71.249.51
42.180.72.123
159.159.89.172
135.231.151.187
Targets
-
-
Target
cb0a6515ebf78cceb86464ac829ea872eea726aa7b8e34b8b43e1f7f36791711
-
Size
1.4MB
-
MD5
c9510672ebc4fc0795a731a02d89fcc6
-
SHA1
1c7d106778171f2e0b54a0db69cbe5364e8f6fd5
-
SHA256
cb0a6515ebf78cceb86464ac829ea872eea726aa7b8e34b8b43e1f7f36791711
-
SHA512
8dee2bdad143a339074faf05a824983d722bd6b30cc9f9a4b8632ec277d87ee5edee77ec6d5713946681795165c105b570b6621313884e6eb7b1ac7d46dc7c33
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-