General
Target: C4BA15D516F167A6DBCBA5DE62B0ADB3E6F928A9CF746.exe
Size: 4.4MB
Sample: 220625-s8rlbscffk
MD5: 2820526d4b78eb0f74e15f2755bf11a2
SHA1: 282330102009652ba0a20de22617bf0cba352766
SHA256: c4ba15d516f167a6dbcba5de62b0adb3e6f928a9cf746e7eb1ed5eb8bc852db2
SHA512: fd0a9679cd82d5cb056d3dbd938877bf996bdee74bc8708f582e212d43305fdf75971cb1669e20d2f3c8e03be893f5c03b0b4577292b6a81486d1bb1e07fd44e
Static task: static1
Behavioral task: behavioral1
Sample: C4BA15D516F167A6DBCBA5DE62B0ADB3E6F928A9CF746.exe
Resource: win7-20220414-en
Malware Config
Extracted
danabot
1732
3
23.106.122.10:443
193.34.167.163:443
192.236.192.241:443
192.236.192.238:443
embedded_hash: CF4A570E177DE0D08BB5A391C595CBD7
type: main
Targets
-
suricata: ET MALWARE Danabot Key Exchange Request
-
Blocklisted process makes network request
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.