General
-
Target
f2bfbee4c26ad964260def8e1b4dbd863fed79bc10939c0414a4273a78904c47
-
Size
145KB
-
Sample
221006-dtvl4sgdgr
-
MD5
cff7b34517e402a48b64ab432318442e
-
SHA1
db3a780a3126794908d48cd8db8491d9d75d562a
-
SHA256
f2bfbee4c26ad964260def8e1b4dbd863fed79bc10939c0414a4273a78904c47
-
SHA512
ecd0696e7e784b251eb17819de39fe517c71667e4d531a34edfcab37ac123188e0c18e33a5f535e5393661c8ce991487ee5a6160836f0b4459a84b8b6c11e765
-
SSDEEP
3072:Md1AxnWhfLYoyUxUYCX1yu7WBYA1AzpuG5/lXFkQoO:OinoYoyUvM41rilVo
Static task
static1
Behavioral task
behavioral1
Sample
f2bfbee4c26ad964260def8e1b4dbd863fed79bc10939c0414a4273a78904c47.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
danabot
49.0.50.0:57
51.0.52.0:0
53.0.54.0:1200
55.0.56.0:65535
-
embedded_hash
EAD30BF58E340E9E105B328F524565E0
-
type
loader
Targets
-
-
Target
f2bfbee4c26ad964260def8e1b4dbd863fed79bc10939c0414a4273a78904c47
-
Score
10/10
-
Detects Smokeloader packer
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-