General

  • Target

    8c9c56a08b9cc58d1cc57309695ef07ce367a8a7bfac2485328919a954ea7f2c

  • Size

    1.4MB

  • MD5

    6b448c6851f3235c9b3d0c24353c480f

  • SHA1

    f01bfd3a21a887bc85eb6b02baf28f7640513d03

  • SHA256

    8c9c56a08b9cc58d1cc57309695ef07ce367a8a7bfac2485328919a954ea7f2c

  • SHA512

    663df12c36a4817da30f88072d1195bbbd1b37a4023f0de67b62d0d4deef15bcbb4c2a025648186a22573dba3cd5480701925f0f30cddafff89c053790dffbf3

  • SSDEEP

    24576:Ipz8SyC4RiuOdswpRxS19RalDnQWYUIc6N:O+Ru/QDUIc6N

Score
10/10

Malware Config

Extracted

Family

danabot

C2


rsa_pubkey.plain

Signatures

  • Danabot family
  • Danabot x86 payload (1 IoC)

    Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

Files

  • 8c9c56a08b9cc58d1cc57309695ef07ce367a8a7bfac2485328919a954ea7f2c
    .dll windows x86

    8e0d7c744eaf65ae5e47ef02df9cf38f

