General
-
Target
1d9a68e2ee289b805f652a0f09d98807c566cd012753bcf2f7e39f8d7aba8774
-
Size
145KB
-
Sample
221006-faqj6agfbn
-
MD5
aa1eff401f217c0f05d2f2412598e886
-
SHA1
bb24a1143e8bc65c7a15b61bfdc5aa7f6a109ede
-
SHA256
1d9a68e2ee289b805f652a0f09d98807c566cd012753bcf2f7e39f8d7aba8774
-
SHA512
dbbbfb23fde00050645da68c49ecb7062c5771b66f9ff14380dabb63efd85fa8fa09510a5784c002c8f52c2add6bc9da78b03a267aa1566dccfec66edd876a16
-
SSDEEP
3072:5L+xZc++ZWK+EPBNXiTzd7zJr8ewpxPT58YLL/O:xEsWK+EPBNXiNWewTPlH//
Static task
static1
Behavioral task
behavioral1
Sample
1d9a68e2ee289b805f652a0f09d98807c566cd012753bcf2f7e39f8d7aba8774.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
danabot
49.0.50.0:57
51.0.52.0:0
53.0.54.0:1200
55.0.56.0:65535
-
embedded_hash
EAD30BF58E340E9E105B328F524565E0
-
type
loader
Targets
-
-
Target
1d9a68e2ee289b805f652a0f09d98807c566cd012753bcf2f7e39f8d7aba8774
-
Score
10/10
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-