General
-
Target
6f6a2ab9d85173b049ed2654e9efda2332b215ba4480618177a789ff0af1d0f9
-
Size
998KB
-
Sample
220625-mmd58aagh4
-
MD5
695a4122879652c1a3d32bddb0957b35
-
SHA1
6375f5a1a70fc999dc760734cca1ce248e9b53fa
-
SHA256
6f6a2ab9d85173b049ed2654e9efda2332b215ba4480618177a789ff0af1d0f9
-
SHA512
db8ae2b5b1af341dc040a16719753d833914b9737d37fa9237b62f8023e0e8f6f35089b3072822e28b02a4a84dc109ddf49d4daef4ad6c7e72ec7b48d1c6fd84
Static task
static1
Behavioral task
behavioral1
Sample
6f6a2ab9d85173b049ed2654e9efda2332b215ba4480618177a789ff0af1d0f9.exe
Resource
win7-20220414-en
Malware Config
Extracted
danabot
5.61.58.130
2.56.213.39
2.56.212.4
5.61.56.192
Targets
-
-
Target
6f6a2ab9d85173b049ed2654e9efda2332b215ba4480618177a789ff0af1d0f9
-
Size
998KB
-
MD5
695a4122879652c1a3d32bddb0957b35
-
SHA1
6375f5a1a70fc999dc760734cca1ce248e9b53fa
-
SHA256
6f6a2ab9d85173b049ed2654e9efda2332b215ba4480618177a789ff0af1d0f9
-
SHA512
db8ae2b5b1af341dc040a16719753d833914b9737d37fa9237b62f8023e0e8f6f35089b3072822e28b02a4a84dc109ddf49d4daef4ad6c7e72ec7b48d1c6fd84
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-