General
-
Target
2aa813e888606a1acab6e89ea886c993d448f1ae97a0f46fb8cc670decc850f1
-
Size
890KB
-
Sample
220615-fg6jysdger
-
MD5
7c0cae1c4eb0e3633d5b4e7fe2be525f
-
SHA1
00b865b9d5178d72ecc03c0462800a4b8e7e93ef
-
SHA256
2aa813e888606a1acab6e89ea886c993d448f1ae97a0f46fb8cc670decc850f1
-
SHA512
8a0d2db90ed27fb3eb1747c6d9d4505d64eb67a6f3db9ab25756b22f86e08407a6d28a60cea8c49aeb3e1e5178acc4f0d899a2a1582a88b7ccc9b9c2a9f6d55f
Static task
static1
Behavioral task
behavioral1
Sample
2aa813e888606a1acab6e89ea886c993d448f1ae97a0f46fb8cc670decc850f1.exe
Resource
win7-20220414-en
Malware Config
Extracted
danabot
224.233.78.25
56.240.227.37
96.59.105.177
253.78.52.99
149.154.159.213
89.217.209.119
195.123.220.45
177.223.102.4
6.164.247.12
250.48.199.39
Targets
-
-
Target
2aa813e888606a1acab6e89ea886c993d448f1ae97a0f46fb8cc670decc850f1
-
Size
890KB
-
MD5
7c0cae1c4eb0e3633d5b4e7fe2be525f
-
SHA1
00b865b9d5178d72ecc03c0462800a4b8e7e93ef
-
SHA256
2aa813e888606a1acab6e89ea886c993d448f1ae97a0f46fb8cc670decc850f1
-
SHA512
8a0d2db90ed27fb3eb1747c6d9d4505d64eb67a6f3db9ab25756b22f86e08407a6d28a60cea8c49aeb3e1e5178acc4f0d899a2a1582a88b7ccc9b9c2a9f6d55f
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-