General
Target: file.exe
Size: 272KB
Sample: 221005-219llsfhc6
MD5: 8f6cba2efb3ec2ebc03f657370e6a419
SHA1: 77d058b2dae8782b3cd0267810317c51cfda2fb9
SHA256: c07977990ba8f2760548e7b4b4abaa4336f63259f91a66676ccb581544036173
SHA512: 63449e933f2c2b8176221951ddd1b26170a2fbb3d1dde792805385589f0b27ab13d96dea1eabf44ac4bfb1d8a12a417f724d9f5efcaaa96b2cb575a51bff2ee9
SSDEEP: 6144:OR66f0LGlcRXf9k+iIX2RuzbgwuhS3mwVfUg:OMvKlc51lvwunn8g
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
danabot
embedded_hash: EAD30BF58E340E9E105B328F524565E0
type: loader
Targets
Target: file.exe
Score: 10/10
Detects Smokeloader packer
Blocklisted process makes network request
Downloads MZ/PE file
Executes dropped EXE
Suspicious use of SetThreadContext