General
-
Target
864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac
-
Size
453KB
-
Sample
220701-qhb2vadgcm
-
MD5
aa0ceac2adff012dc0ba93e1c5bb72ab
-
SHA1
31ff6c14bf11786d3084cf569669a0af457d1084
-
SHA256
864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac
-
SHA512
36200bb05b1dc97b0e6bc17a0add145fa3600f18e701ed568f28c09a19c15e7a4820f37161831450d50ab7be9f232da2fdac5b6f70c069cd0e1003af0570e6e0
Static task
static1
Behavioral task
behavioral1
Sample
864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac.exe
Resource
win7-20220414-en
Malware Config
Extracted
danabot
Targets
-
Target
864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-