General
-
Target
4116fcfcfe5df39c8356a59782606b1f19ab693ce6ff1e363f8606166fcf58fb.exe
-
Size
1.1MB
-
Sample
240725-c3k9cswgje
-
MD5
26d32ba746528921415f4299188d0451
-
SHA1
0635b7b33a6f79e84dfe8fe1f7f4152d20c533c7
-
SHA256
4116fcfcfe5df39c8356a59782606b1f19ab693ce6ff1e363f8606166fcf58fb
-
SHA512
d7186313bf093a11f0e314aa225a7c36ad9f7ad1b00723103f6851c832829cf8a4abc2cb6983c646b34e38c2d7a16f3217a0efe0065d4942f4fd0ac2172d35e4
-
SSDEEP
24576:121pHZkUu40eoX4zuROs5obLOfkAnMNMo+C0OW/WS7H1S:mHZzu40ecUuFobafkaMNMo+plj7k
Static task
static1
Behavioral task
behavioral1
Sample
4116fcfcfe5df39c8356a59782606b1f19ab693ce6ff1e363f8606166fcf58fb.exe
Resource
win7-20240705-en
Malware Config
Extracted
danabot
5
23.254.217.192:443
192.236.146.173:443
23.254.133.7:443
185.62.58.85:443
-
embedded_hash
3CCDCA270E94321B76E2E66C454CD541
-
type
loader
Targets
-
-
Target
4116fcfcfe5df39c8356a59782606b1f19ab693ce6ff1e363f8606166fcf58fb.exe
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-