General
Target: 0aaea43e869ad4cce2816bcff8ce7e123a018269c0a051304d6c201c2c63027d
Size: 2.5MB
Sample: 221209-dyhhcacc25
MD5: 152c3b581add67fca8ba40c77d644056
SHA1: 4155212ddda85a89f2ae418b97981dc5caaf3225
SHA256: 0aaea43e869ad4cce2816bcff8ce7e123a018269c0a051304d6c201c2c63027d
SHA512: 62c5b9c611ca89028029538e98c20dba55dd76479400fd8c6cc08c2686267f02defd067872ca083da105c348af5452e3832b0c60bee08b7bb9f32dc2d97dd927
SSDEEP: 49152:T6l6JsqDJtSZ9xs3Y9hPZ4NSiMoUl1lVFMmytPV3FkA5Oh0W:2lsDEWaH4NSjp7l7iV1DM
Static task: static1
Malware Config
Extracted
danabot
embedded_hash: 341D2FD1638BB267A80C7445E1909B57
type: loader
Targets
Target: 0aaea43e869ad4cce2816bcff8ce7e123a018269c0a051304d6c201c2c63027d
Blocklisted process makes network request
Loads dropped DLL
Suspicious use of SetThreadContext