General
-
Target
59373e55e84ab54d72a9055139cdd5f616cf20d675c80a6f43d0187e90708e95
-
Size
2.4MB
-
Sample
221220-rvz5wadb21
-
MD5
9063f431865e37cebc4787654a00d422
-
SHA1
28c42d6109dfd329580aa36e7c75a8053523ee8a
-
SHA256
59373e55e84ab54d72a9055139cdd5f616cf20d675c80a6f43d0187e90708e95
-
SHA512
4f276fcecbcec0cca1a6addfee3493a38038157cf1c4e176c766aaae9b758cd6010b1de5930077e14635762dcd1502602456797789c6e1fb337c1d76e454dc42
-
SSDEEP
49152:zrqVHNsAsWe8AdaSTBfA3XGGuGqTN8LxZ:zaPenfA32h8Lz
Static task
static1
Behavioral task
behavioral1
Sample
59373e55e84ab54d72a9055139cdd5f616cf20d675c80a6f43d0187e90708e95.dll
Resource
win7-20221111-en
Malware Config
Extracted
danabot
23.236.181.126:443
123.253.35.251:443
66.85.173.3:443
-
embedded_hash
92B83759E82A7F5FC8470055A5CEDCDB
-
type
loader
Targets
-
-
Target
59373e55e84ab54d72a9055139cdd5f616cf20d675c80a6f43d0187e90708e95
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-