General
-
Target
file.exe
-
Size
327KB
-
Sample
220928-kl1lqageep
-
MD5
5c7e862b9201b120959e3df258c2cd07
-
SHA1
bb32baa88e28c8823e17abfff5e8b1653f577842
-
SHA256
a749aafd3cf83fcfe2a763e09cca6521c3176b3c78af41fecbf5406af99bcfa2
-
SHA512
0c2919811a31f31fd16e1f252889c82d8226b908d80fbc6bc516fc7b3dc14caf6420093b8d8e7b1b66080789e964b592c9a12dbdf5887ec5f50e648c13db095b
-
SSDEEP
3072:A2XsuMvfYKO+cpj8f5thZ+5Xbo74YKHhIxPcKprtBU1P8/UBOBz0KFE5QM/h3Bsq:Ae1Z6cYhovYQIxBz0enigabwVfs
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
danabot
198.15.112.179:443
185.62.56.245:443
153.92.223.225:443
192.119.70.159:443
-
embedded_hash
6618C163D57D6441FCCA65D86C4D380D
-
type
loader
Extracted
systembc
141.98.82.229:4001
Targets
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-