General
Target: 7dc38c894fa560ec5c212c12751a306111f223cf245e4f9bad113938827041c5
Size: 145KB
Sample: 221006-bgwmjagae9
MD5: 9278572290796cb6a8f80297d82b7b90
SHA1: 0e8cf0306a07208d0d38c3e159a961c73b5096cb
SHA256: 7dc38c894fa560ec5c212c12751a306111f223cf245e4f9bad113938827041c5
SHA512: bdb9469eb59c56d99ed7a87f4c5443f535304b55deeb033f160c716776f1ebafdb17d129bb18e8ba14115f6a21f0f96657188acf13b9cd5d292dcf8444a9cd18
SSDEEP: 3072:YbJk1BhfVsi2c99mH0Y5blznQsBRgLLS/VU+a2Yu5O:4Wxsi2c9hcRQXLLS/VU+a25
Static task: static1
Behavioral task: behavioral1
Sample: 7dc38c894fa560ec5c212c12751a306111f223cf245e4f9bad113938827041c5.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
danabot
embedded_hash: EAD30BF58E340E9E105B328F524565E0
type: loader
Targets
Target: 7dc38c894fa560ec5c212c12751a306111f223cf245e4f9bad113938827041c5
Score: 10/10
- Detects Smokeloader packer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Suspicious use of SetThreadContext