General
-
Target
0a6f3aeab512d3e3050adc9445b3087847d3f86833c45106d4b1a9fca311c15f
-
Size
5.7MB
-
Sample
230129-wb8ecshc8v
-
MD5
59ab91946ca4711e849a02ca4cadaab4
-
SHA1
30af02d7702a6c1f8e0d10b889537995555c354c
-
SHA256
0a6f3aeab512d3e3050adc9445b3087847d3f86833c45106d4b1a9fca311c15f
-
SHA512
4ada2e8de209dac0fcc6c5504a99b94fd36a17278edc6af9d6b0869d0ca48a79bea8b978bede38e23bff15d0726538b602665882af389f9916d956dcd098deb2
-
SSDEEP
98304:3Pn+J3+HFN91gpdWmrVGTE3x/0S9VT44/Q8vL1sy89zRoSmM:PcsDgpdWkh73TN/bO18
Static task
static1
Behavioral task
behavioral1
Sample
0a6f3aeab512d3e3050adc9445b3087847d3f86833c45106d4b1a9fca311c15f.dll
Resource
win7-20221111-en
Malware Config
Extracted
danabot
1765
3
192.3.26.98:443
192.236.162.42:443
192.161.48.5:443
192.236.146.203:443
-
embedded_hash
B2585F6479280F48B64C99F950BBF36D
-
type
main
Targets
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-