General
-
Target
06ea48657f7e9f20bb7a3099f073b9fbe54d4f46c9829024ffd2ebbd066e060f
-
Size
889KB
-
Sample
220531-em6lgaheeq
-
MD5
6b87be2e72a0bdd6c211fc414a5c1a4b
-
SHA1
069bad49436fc6fbc426f261e0292e021ba4cd3d
-
SHA256
06ea48657f7e9f20bb7a3099f073b9fbe54d4f46c9829024ffd2ebbd066e060f
-
SHA512
773fd3105da366a905841e3065973f76ff7b0ce98a990cd8c6173d9617473dd9485596a4be9d943a7ad4e3f0afedc368b6d21d9d6066a915adfa39b4cccc1a04
Static task
static1
Behavioral task
behavioral1
Sample
06ea48657f7e9f20bb7a3099f073b9fbe54d4f46c9829024ffd2ebbd066e060f.exe
Resource
win7-20220414-en
Malware Config
Extracted
danabot
66.165.187.11
5.188.86.20
146.229.67.12
63.52.107.167
236.45.221.28
227.169.205.146
149.154.159.213
72.184.122.49
114.26.195.117
154.94.158.126
Targets
-
-
Target
06ea48657f7e9f20bb7a3099f073b9fbe54d4f46c9829024ffd2ebbd066e060f
-
Size
889KB
-
MD5
6b87be2e72a0bdd6c211fc414a5c1a4b
-
SHA1
069bad49436fc6fbc426f261e0292e021ba4cd3d
-
SHA256
06ea48657f7e9f20bb7a3099f073b9fbe54d4f46c9829024ffd2ebbd066e060f
-
SHA512
773fd3105da366a905841e3065973f76ff7b0ce98a990cd8c6173d9617473dd9485596a4be9d943a7ad4e3f0afedc368b6d21d9d6066a915adfa39b4cccc1a04
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-