danabot | 603e686a7e5968ddb4f3af5c5c038cf36dab48ec66dce77313e6d6f2ce25b4c5

General

Target

603e686a7e5968ddb4f3af5c5c038cf36dab48ec66dce77313e6d6f2ce25b4c5
Size

18.9MB
MD5

6878d5af27f14a320ebea44a20c8e4a9
SHA1

a19c87d5b037066698e3e9e429a6bbec4d5de36d
SHA256

603e686a7e5968ddb4f3af5c5c038cf36dab48ec66dce77313e6d6f2ce25b4c5
SHA512

4ae20dff2f5400f90006106c2e15704c1b04d007147ce16829944b4af27035330d60f9d50dbb7265b399225a1dd18ab26fed44311fb9bc5e7a1fe16c7d08258f
SSDEEP

98304:ticU/ooWRbog8zGnUVB1ucXzVcQedKvPaW7IXHUcPUlj2Yp/pAYA6dw3:09VBocXzpPl7IXUcPUliQA

Score

10^/10

danabot

Malware Config

Extracted

Family

danabot

Attributes

type
loader

Signatures

Danabot family
danabot

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
603e686a7e5968ddb4f3af5c5c038cf36dab48ec66dce77313e6d6f2ce25b4c5

Files

603e686a7e5968ddb4f3af5c5c038cf36dab48ec66dce77313e6d6f2ce25b4c5
.exe windows:5 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 15.3MB - Virtual size: 15.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 127KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 976B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 668KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 647KB - Virtual size: 647KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 15.3MB - Virtual size: 15.3MB

.data Size: 1.0MB - Virtual size: 1.0MB

.bss Size: - Virtual size: 127KB

.idata Size: 18KB - Virtual size: 17KB

.didata Size: 35KB - Virtual size: 34KB

.edata Size: 512B - Virtual size: 123B

.tls Size: - Virtual size: 976B

.rdata Size: 512B - Virtual size: 109B

.reloc Size: 668KB - Virtual size: 667KB

.pdata Size: 647KB - Virtual size: 647KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 15.3MB - Virtual size: 15.3MB

.data
Size: 1.0MB - Virtual size: 1.0MB

.bss
Size: - Virtual size: 127KB

.idata
Size: 18KB - Virtual size: 17KB

.didata
Size: 35KB - Virtual size: 34KB

.edata
Size: 512B - Virtual size: 123B

.tls
Size: - Virtual size: 976B

.rdata
Size: 512B - Virtual size: 109B

.reloc
Size: 668KB - Virtual size: 667KB

.pdata
Size: 647KB - Virtual size: 647KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB