General
-
Target
ee5069d5035c72cbb00f372e6032718b22d1bfbe75b4be3ca59e402aa68d450b
-
Size
1003KB
-
Sample
220625-mmcx6agffm
-
MD5
adc70afd78869ceba3b0a65d727be858
-
SHA1
3a7d38de441152e5b69d694fbb8f53c0612d7c06
-
SHA256
ee5069d5035c72cbb00f372e6032718b22d1bfbe75b4be3ca59e402aa68d450b
-
SHA512
fa42a28b0818c47cd9903229bc49c435dd73796698934eef4b148708b057d98877af7d07810decaa3b95687219ad74e731734f98666924aff7b2a4eeddab3d85
Static task
static1
Behavioral task
behavioral1
Sample
ee5069d5035c72cbb00f372e6032718b22d1bfbe75b4be3ca59e402aa68d450b.exe
Resource
win7-20220414-en
Malware Config
Extracted
danabot
5.61.58.130
2.56.213.39
2.56.212.4
5.61.56.192
Targets
-
-
Target
ee5069d5035c72cbb00f372e6032718b22d1bfbe75b4be3ca59e402aa68d450b
-
Size
1003KB
-
MD5
adc70afd78869ceba3b0a65d727be858
-
SHA1
3a7d38de441152e5b69d694fbb8f53c0612d7c06
-
SHA256
ee5069d5035c72cbb00f372e6032718b22d1bfbe75b4be3ca59e402aa68d450b
-
SHA512
fa42a28b0818c47cd9903229bc49c435dd73796698934eef4b148708b057d98877af7d07810decaa3b95687219ad74e731734f98666924aff7b2a4eeddab3d85
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-