General
-
Target
535f3c5756c98fb11c73758e16366d8db8a04f75e962e7cef1084d7520470ef5
-
Size
997KB
-
Sample
220520-2nln1sagan
-
MD5
d68fc5ecdcb504ec5935b6016eaffeb0
-
SHA1
7cf8d03da1f62ae3fe97f5d364c07fb7c2b2a497
-
SHA256
535f3c5756c98fb11c73758e16366d8db8a04f75e962e7cef1084d7520470ef5
-
SHA512
d6bf9136d3a2de75cb70b405423b63fcac19f9ca1b8cf2d812843f32876c8d6b561cc11489a2d950ed3f201d514bb37b18b2fe147dfd09e8996c6c9ddc0da16b
Static task
static1
Behavioral task
behavioral1
Sample
535f3c5756c98fb11c73758e16366d8db8a04f75e962e7cef1084d7520470ef5.exe
Resource
win7-20220414-en
Malware Config
Extracted
danabot
5.61.58.130
2.56.213.39
2.56.212.4
5.61.56.192
Targets
-
-
Target
535f3c5756c98fb11c73758e16366d8db8a04f75e962e7cef1084d7520470ef5
-
Size
997KB
-
MD5
d68fc5ecdcb504ec5935b6016eaffeb0
-
SHA1
7cf8d03da1f62ae3fe97f5d364c07fb7c2b2a497
-
SHA256
535f3c5756c98fb11c73758e16366d8db8a04f75e962e7cef1084d7520470ef5
-
SHA512
d6bf9136d3a2de75cb70b405423b63fcac19f9ca1b8cf2d812843f32876c8d6b561cc11489a2d950ed3f201d514bb37b18b2fe147dfd09e8996c6c9ddc0da16b
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-