General
-
Target
031696a851471374edc973ea9fa0085bdf491e9874533fc75e827d8bef00e2c9
-
Size
1.4MB
-
Sample
220502-3cwwaacca2
-
MD5
c5405d72402de5c0d7303bbcf0f701b6
-
SHA1
f4bd158ef7e3f1d1fc66a2ebb0fe0f97d1328b25
-
SHA256
031696a851471374edc973ea9fa0085bdf491e9874533fc75e827d8bef00e2c9
-
SHA512
4fa90d32fda1201e162811c361ff2ebcccb521144fa7db844ec2bb0e3e379cd41e1a488bef62846d45b99f49aebb8ec2886e84c882c3d31e33e059936998ca71
Static task
static1
Behavioral task
behavioral1
Sample
031696a851471374edc973ea9fa0085bdf491e9874533fc75e827d8bef00e2c9.vbs
Resource
win7-20220414-en
Malware Config
Extracted
danabot
1.5.78.29
71.61.197.13
128.43.39.106
68.164.114.181
243.7.235.34
185.92.222.238
192.71.249.51
42.180.72.123
159.159.89.172
135.231.151.187
Targets
-
-
Target
031696a851471374edc973ea9fa0085bdf491e9874533fc75e827d8bef00e2c9
-
Size
1.4MB
-
MD5
c5405d72402de5c0d7303bbcf0f701b6
-
SHA1
f4bd158ef7e3f1d1fc66a2ebb0fe0f97d1328b25
-
SHA256
031696a851471374edc973ea9fa0085bdf491e9874533fc75e827d8bef00e2c9
-
SHA512
4fa90d32fda1201e162811c361ff2ebcccb521144fa7db844ec2bb0e3e379cd41e1a488bef62846d45b99f49aebb8ec2886e84c882c3d31e33e059936998ca71
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-