General

  • Target

    330230b667873603377f0802abf01af99a778330b30b6190174a13c1aa1808f5

  • Size

    1.4MB

  • MD5

    ab7dbbf3b7146aea68cb674376eb61c8

  • SHA1

    072c3aa96981ab83bd400151b3bcd219e8ea777a

  • SHA256

    330230b667873603377f0802abf01af99a778330b30b6190174a13c1aa1808f5

  • SHA512

    9801d142820f33aede76d6250f17da133e4a31d7f57defd41c92c32cfc09804cb13d7e4e6759c63a319855d57a293a13c7680ef24bed14a095854828f5e12259

  • SSDEEP

    24576:a5PGEeH9dbe5+EMO5+l+uQ7QR54DpxL9:GzYFeX+lwRDvL9

Score
10/10

Malware Config

Extracted

Family

danabot

C2

rsa_pubkey.plain

Signatures

  • Danabot family
  • Danabot x86 payload 1 IoCs

    Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

Files

  • 330230b667873603377f0802abf01af99a778330b30b6190174a13c1aa1808f5
    .dll windows x86

    16910e2eb7e8f331f01c3d5865473690

