General
Target: bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840
Size: 1.2MB
Sample: 220926-zgp2radagk
MD5: 199a3b0037920e0ac6d35239f772ab72
SHA1: 797c4f73c275e733020b20f818509c7cefb73cf3
SHA256: bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840
SHA512: 610fe829eff518eb8a746f32d41b18c28e3a22c99fa8e371e7c7f5eea9ad97cdd396dfe7ee336b8968287a40e827c5bc78f12dbc93a76ec2531a22fc43fe6d3e
SSDEEP: 24576:HwfOQIbCGzOPYln9AGUBGayPFLD6yBqcOHc+DGfh:HwW/CGzxOGBPFLmyBqcO8+yfh
Static task
static1
Malware Config
Extracted
danabot
198.15.112.179:443
185.62.56.245:443
153.92.223.225:443
192.119.70.159:443
embedded_hash: 6618C163D57D6441FCCA65D86C4D380D
type: loader
Targets
Target: bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840
Blocklisted process makes network request
Suspicious use of SetThreadContext