General
-
Target
ac3cbbc36a7a5c9f551aca322dc0e19578d12a9bca3346cc5ff298e811f1b0f3
-
Size
214KB
-
Sample
221218-wbyvxsda93
-
MD5
dbac1e546c31e01df2df4b2ebee2f2b5
-
SHA1
f7837f0e02f5c0e7f3dd5ad86ee9946e1a6c81d1
-
SHA256
ac3cbbc36a7a5c9f551aca322dc0e19578d12a9bca3346cc5ff298e811f1b0f3
-
SHA512
59772e87a7b596dda7afb9895fa00c5eaaacc423c8260f6c9bbca1b5218cc48424e12fb6c2d810252fbad8a8217b9d642c99dcb1d43c15d3a5228cd3cf9054e7
-
SSDEEP
3072:WwUBO36L+Zj21WClRB4cRO0BZyGiyctNRAtOba+3QnBtjcbImdzmuX:nUBNL+x21j9xRO0BZ/ct03BtjcbXF
Static task
static1
Behavioral task
behavioral1
Sample
ac3cbbc36a7a5c9f551aca322dc0e19578d12a9bca3346cc5ff298e811f1b0f3.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
danabot
23.236.181.126:443
123.253.35.251:443
66.85.173.3:443
-
embedded_hash
8F56CD73F6B5CD5D7B17B0BA61E70A82
-
type
loader
Targets
Score
10/10
-
Detects Smokeloader packer
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext