General
-
Target
HEUR-Trojan.Win32.Zenpak.gen-1de272d1038a4da0.exe
-
Size
1.1MB
-
Sample
230603-yx9knaae2z
-
MD5
134ba0a636c16478f5af66d7b00882eb
-
SHA1
abb04b8b4ff9fb80bab48a9a91add7d51bdaf9bd
-
SHA256
1de272d1038a4da0e2d177520ae647d33a44333e95be0033f7935c2f545d90dc
-
SHA512
b71321e7745a535a56da5cdc286c399e89f6e1eca4e1528f73944836d7c5de2277d0d8cf9372b4f5b5d277b5c241d9978ce22e381c024659afd162777615042e
-
SSDEEP
24576:ej0xZaRe2QNI5yotLfdzXmYA/9HgdNl9vaSz6iMpYh4/y0LK5K65:ej4aAK8Kfdz7dXzjCYm60LKn5
Static task
static1
Behavioral task
behavioral1
Sample
HEUR-Trojan.Win32.Zenpak.gen-1de272d1038a4da0.exe
Resource
win7-20230220-en
Malware Config
Extracted
danabot
4
23.254.144.209:443
23.254.227.74:443
192.255.166.212:443
-
embedded_hash
0E1A7A1479C37094441FA911262B322A
-
type
loader
Targets
-
-
Target
HEUR-Trojan.Win32.Zenpak.gen-1de272d1038a4da0.exe
-
Danabot Loader Component
-
Blocklisted process makes network request
-
Loads dropped DLL
-