General
-
Target
72fa468dd1c931ad5eafd8423d76639d.bin.exe
-
Size
948KB
-
Sample
221130-lfd17sbd2v
-
MD5
72fa468dd1c931ad5eafd8423d76639d
-
SHA1
db9de9890ac62eb8896133ab1dde66d01b3cee2d
-
SHA256
9a4e68d142593c0b68ce959f4c34bbdf477d67096eaa6db92b1577270e63c122
-
SHA512
bc3ec5c56f6253b1842e838067250aa1c3efc6ff58d1fadf1b1cd53d488fe5e11a426abc64dfc537915cd62da07f4a3e08bb31a6682eb5d2987b46ba82a34a2a
-
SSDEEP
24576:2PwCztr2dnOG8d3bS4ID4TpwkzXCD4D2ofZskmgPr:dCzIhWpIvkLCD2f1mgP
Static task
static1
Behavioral task
behavioral1
Sample
72fa468dd1c931ad5eafd8423d76639d.bin.exe
Resource
win7-20221111-en
Malware Config
Extracted
danabot
5.61.58.130
2.56.213.39
5.61.56.192
Targets
-
-
Target
72fa468dd1c931ad5eafd8423d76639d.bin.exe
-
Size
948KB
-
MD5
72fa468dd1c931ad5eafd8423d76639d
-
SHA1
db9de9890ac62eb8896133ab1dde66d01b3cee2d
-
SHA256
9a4e68d142593c0b68ce959f4c34bbdf477d67096eaa6db92b1577270e63c122
-
SHA512
bc3ec5c56f6253b1842e838067250aa1c3efc6ff58d1fadf1b1cd53d488fe5e11a426abc64dfc537915cd62da07f4a3e08bb31a6682eb5d2987b46ba82a34a2a
-
SSDEEP
24576:2PwCztr2dnOG8d3bS4ID4TpwkzXCD4D2ofZskmgPr:dCzIhWpIvkLCD2f1mgP
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-