General
-
Target
287a774c47ad434a2280b76c9d7c2c89390ea2d69f2ae944909716ba6111c619
-
Size
1.3MB
-
Sample
220924-nzpyxscegk
-
MD5
1dbaa0102ec2dbb7a37bdd3e62e60d9b
-
SHA1
ddc45fcb829e05d8d137b82c64c1a13134b91198
-
SHA256
287a774c47ad434a2280b76c9d7c2c89390ea2d69f2ae944909716ba6111c619
-
SHA512
e2e06155bd568f4e74499ab1d4e4559d352051103d49fdb024b8f428cc2266a68d4b57f0209cff40951326275ba8472711699d4fd900cb10831d0b5098820dd7
-
SSDEEP
24576:1Y1pv/Yj7KetYD7NO++w+HYnA8F7U/Tie/JgdhcpHh1acTQ:Gpv/8Wet0N2WFUTi2JPhtTQ
Static task
static1
Malware Config
Extracted
danabot
198.15.112.179:443
185.62.56.245:443
153.92.223.225:443
192.119.70.159:443
-
embedded_hash
6618C163D57D6441FCCA65D86C4D380D
-
type
loader
Targets
-
-
Target
287a774c47ad434a2280b76c9d7c2c89390ea2d69f2ae944909716ba6111c619
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-