General
-
Target
3cc7971bfd563bc45ae27b1d077990952827b3ff9833015bc3b5e675a7699296
-
Size
687KB
-
Sample
220703-f2a9jsgefr
-
MD5
6dac1a3ff16b78e26bb59ada70f01af6
-
SHA1
9a735d323fc9a90061e2be03ca7b2fe859765685
-
SHA256
3cc7971bfd563bc45ae27b1d077990952827b3ff9833015bc3b5e675a7699296
-
SHA512
f977a1d4cad0a3230667d93f5a8662a1df093b3627764ad5e998fa2b02edeae6a1e20d99813076b2da05f15a11b2f538c3c82502cddd6bc190c1c28445635f16
Static task
static1
Behavioral task
behavioral1
Sample
3cc7971bfd563bc45ae27b1d077990952827b3ff9833015bc3b5e675a7699296.exe
Resource
win7-20220414-en
Malware Config
Extracted
danabot
193.103.171.195
116.2.174.16
96.89.5.167
208.140.75.37
89.144.25.243
192.71.249.51
6.17.108.150
40.147.224.49
82.245.40.118
150.82.21.153
Targets
-
-
Target
3cc7971bfd563bc45ae27b1d077990952827b3ff9833015bc3b5e675a7699296
-
Size
687KB
-
MD5
6dac1a3ff16b78e26bb59ada70f01af6
-
SHA1
9a735d323fc9a90061e2be03ca7b2fe859765685
-
SHA256
3cc7971bfd563bc45ae27b1d077990952827b3ff9833015bc3b5e675a7699296
-
SHA512
f977a1d4cad0a3230667d93f5a8662a1df093b3627764ad5e998fa2b02edeae6a1e20d99813076b2da05f15a11b2f538c3c82502cddd6bc190c1c28445635f16
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Deletes itself
-
Loads dropped DLL
-