General
-
Target
3e2672a2317672593f579398b10f2128bd299fb259c3c92ad57091f22f0bacc5
-
Size
364KB
-
Sample
220701-qhc9xadgcn
-
MD5
399be6621b6c278df5b3dd72f82307a3
-
SHA1
72cc89d1b4697eb32062ca8b7594c4520c0e0bbe
-
SHA256
3e2672a2317672593f579398b10f2128bd299fb259c3c92ad57091f22f0bacc5
-
SHA512
bd6011d08ea9cff78ef114f29ee7eb4e759afdfc3d75c966cb56a1e3f085e1da0e334170fc04a730d9527d77e792892c42f51d7a10d44557f5f771aa0779a429
Static task
static1
Behavioral task
behavioral1
Sample
00192038_00192.scr
Resource
win7-20220414-en
Malware Config
Extracted
danabot
55.213.39.105
41.170.199.149
192.71.249.51
234.55.93.177
154.247.212.176
160.246.140.43
217.228.238.7
238.44.175.155
180.62.77.191
178.209.51.211
Targets
-
-
Target
00192038_00192.scr
-
Size
453KB
-
MD5
aa0ceac2adff012dc0ba93e1c5bb72ab
-
SHA1
31ff6c14bf11786d3084cf569669a0af457d1084
-
SHA256
864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac
-
SHA512
36200bb05b1dc97b0e6bc17a0add145fa3600f18e701ed568f28c09a19c15e7a4820f37161831450d50ab7be9f232da2fdac5b6f70c069cd0e1003af0570e6e0
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-