General
-
Target
wfrrkvvx.exe
-
Size
1.8MB
-
Sample
221011-q4nb1agdd4
-
MD5
2ac6d3832ea60acf4e1bafe3ed4081a1
-
SHA1
7fb64960288a64b4fce3aee650d2d84efb9a8f8f
-
SHA256
7e1f0af96408d36f43a2325adc3b36fe795f9e579befdabd4210ede420c9905d
-
SHA512
81c987aeb547fdf2449ee75c19e7476117a9eadc90cd0ccace0483f1d8863cd5d6f67b50ea8f4f6cb1783c3f92ac91d19364eee83a74dfa9be13a919047ebdda
-
SSDEEP
49152:uQlnpoyJwlry1E5ck54NpY6Y9xARpeMyn1obTis6yHX:uQlnpoyeryui822U/tmIB6
Static task
static1
Behavioral task
behavioral1
Sample
wfrrkvvx.exe
Resource
win7-20220812-en
Malware Config
Extracted
danabot
4
142.11.244.223:443
23.106.122.139:443
192.119.110.73:443
-
embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
-
type
loader
Targets
-
-
Target
wfrrkvvx.exe
-
Size
1.8MB
-
MD5
2ac6d3832ea60acf4e1bafe3ed4081a1
-
SHA1
7fb64960288a64b4fce3aee650d2d84efb9a8f8f
-
SHA256
7e1f0af96408d36f43a2325adc3b36fe795f9e579befdabd4210ede420c9905d
-
SHA512
81c987aeb547fdf2449ee75c19e7476117a9eadc90cd0ccace0483f1d8863cd5d6f67b50ea8f4f6cb1783c3f92ac91d19364eee83a74dfa9be13a919047ebdda
-
SSDEEP
49152:uQlnpoyJwlry1E5ck54NpY6Y9xARpeMyn1obTis6yHX:uQlnpoyeryui822U/tmIB6
-
Danabot Loader Component
-
Loads dropped DLL
-