General
-
Target
2636d2eaa0e284a5e079b558af958ff94b5375893aa39ef55f4f55f7221e6d6e
-
Size
327KB
-
Sample
221215-lx6gsacb29
-
MD5
8d73778b1e919c68f023e8995a8aaee0
-
SHA1
b6ba513b4bf1830451aed41121ddf8b5e32ee01f
-
SHA256
2636d2eaa0e284a5e079b558af958ff94b5375893aa39ef55f4f55f7221e6d6e
-
SHA512
55d1de360d01ed559e44542254bc454d8d22e7b63f167265fb40d68c82c11c37f43e43d221ae76c841eaf736432ac87b63066056db91871289afb49b2598d999
-
SSDEEP
6144:0YEcLdiKSYgGFVQ2S9d4eWtGncS3Sbjfxur/tb:BhiKA2S9d3WtGnZSbjJurR
Static task
static1
Malware Config
Extracted
danabot
49.0.50.0:57
51.0.52.0:0
53.0.54.0:1200
55.0.56.0:65535
-
type
loader
Extracted
systembc
109.205.214.18:443
Targets
-
-
Target
2636d2eaa0e284a5e079b558af958ff94b5375893aa39ef55f4f55f7221e6d6e
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Deletes itself
-
Suspicious use of SetThreadContext
-