General
-
Target
2f33359918125ba61b7cd34ce2f0c398
-
Size
1.1MB
-
Sample
231231-kfwetahhfm
-
MD5
2f33359918125ba61b7cd34ce2f0c398
-
SHA1
fab12215679baf6f74a4d20cdf70d0272afb454c
-
SHA256
0f0681e9e6d6b67bbf1991810e504eb535c4acade6e018770371eca3b6ae24fd
-
SHA512
2f3ae51f1cb0ca3642c26b2d1d0f5b793f1c44a8bb9c75795df31bd22f9413709bf7ce2e34a32ee307c0c30d0acfae052eb8153a79ee0212efaa6b7bbca1a6c5
-
SSDEEP
24576:cfWeRFHyRooZFOEhWMm+zbeQNBG7PP/iPHYCvA57bRP:cf55yR9lhS+HeSBEPPq/Hu/
Static task
static1
Behavioral task
behavioral1
Sample
2f33359918125ba61b7cd34ce2f0c398.exe
Resource
win7-20231215-en
Malware Config
Extracted
danabot
4
142.11.244.124:443
142.11.206.50:443
-
embedded_hash
6AD9FE4F9E491E785665E0D144F61DAB
-
type
loader
Targets
-
-
Target
2f33359918125ba61b7cd34ce2f0c398
-
Size
1.1MB
-
MD5
2f33359918125ba61b7cd34ce2f0c398
-
SHA1
fab12215679baf6f74a4d20cdf70d0272afb454c
-
SHA256
0f0681e9e6d6b67bbf1991810e504eb535c4acade6e018770371eca3b6ae24fd
-
SHA512
2f3ae51f1cb0ca3642c26b2d1d0f5b793f1c44a8bb9c75795df31bd22f9413709bf7ce2e34a32ee307c0c30d0acfae052eb8153a79ee0212efaa6b7bbca1a6c5
-
SSDEEP
24576:cfWeRFHyRooZFOEhWMm+zbeQNBG7PP/iPHYCvA57bRP:cf55yR9lhS+HeSBEPPq/Hu/
-
Danabot Loader Component
-
Blocklisted process makes network request
-
Loads dropped DLL
-