General
Target: 0d53a8fddf30028c36be8d2b96b8cf33f63102b9c6615c4cfdf6581dd125e1be
Size: 5.7MB
Sample: 230129-wb7g3afh57
MD5: 3a1f00d4b1e704257b1c4a44ce7c002d
SHA1: 0739f035939b4ca77deb0e589e8e66a0b648cd62
SHA256: 0d53a8fddf30028c36be8d2b96b8cf33f63102b9c6615c4cfdf6581dd125e1be
SHA512: c359e1e330611f00aab5cde4469a0eb3bc599e1bc11f099e23c83a39616a4fc31c9e28f0f0c204528119036c89c1865ae37e0a59db8cbcf5cc39cd8ea1c38c30
SSDEEP: 98304:1lfZRWxhFG+U6w1STKNMD+nSMuPgczFtX0kqb19+u1:1VWxh8+U6v0HcJJ0k419b
Static task: static1
Behavioral task: behavioral1
Sample: 0d53a8fddf30028c36be8d2b96b8cf33f63102b9c6615c4cfdf6581dd125e1be.dll
Resource: win7-20221111-en
Malware Config
Extracted
danabot
1765
3
192.161.48.5:443
142.44.224.16:443
192.3.26.98:443
192.236.146.203:443
embedded_hash: B2585F6479280F48B64C99F950BBF36D
type: main
Targets
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-