General
-
Target
7CF34423D4B264D7B0174ECEE9E7A439DBCB33D71887E.exe
-
Size
6.0MB
-
Sample
220626-2z4c7sfgh4
-
MD5
9687e6d6f49549ad52265610676d2514
-
SHA1
8e3bc9d020e61e7d4415af8d17896dabe469c1ec
-
SHA256
7cf34423d4b264d7b0174ecee9e7a439dbcb33d71887e8c9c95941f928115097
-
SHA512
46c37fed4a274b1d2f9aac3bfa20c38a730b782f1ac20f75c55f4135dac881706e4046bb1f6d8582b11f7b94f1c856f511fcdceb83edce60d96e2b20e4b355bb
Static task
static1
Behavioral task
behavioral1
Sample
7CF34423D4B264D7B0174ECEE9E7A439DBCB33D71887E.exe
Resource
win7-20220414-en
Malware Config
Extracted
danabot
1765
3
192.161.48.5:443
142.44.224.16:443
192.3.26.98:443
192.236.146.203:443
-
embedded_hash
B2585F6479280F48B64C99F950BBF36D
-
type
main
Targets
-
suricata: ET MALWARE Danabot Key Exchange Request
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-