General

  • Target

    2736-4-0x0000000001EA0000-0x0000000002094000-memory.dmp

  • Size

    2.0MB

  • Sample

    241119-pzf7fsxajm

  • MD5

    37251be19e30189673197f9627536be0

  • SHA1

    32a59c0a645fcc38b5c743dbb2e4d6e2f0471f15

  • SHA256

    f5af3b6959dc0df98e1ba546adc23811ab1f0d9568de5b795f5b50b70b6f624d

  • SHA512

    ba520fb6f322ac015d64bb06e754294f54f536108fb25b0dda3018a0c67345f1ea65d7228f6363d5978fbb8a31d333d9581086cddd48e4f7954af955a2290ff1

  • SSDEEP

    49152:OWPKYJVH/aMXKRDD9HkzTnPxQ6kcpTI/+zxqfn8+nFFQCxEsJwKQ5:OGKYJVH/aMXKRDD9HkzTPxQ6tzxqf8+W

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

40

C2

185.117.90.36:443

193.42.36.59:443

193.56.146.53:443

185.106.123.228:443

Attributes
  • embedded_hash

    07284E2A3AB3C2E1FFFBD425849BE150

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      2736-4-0x0000000001EA0000-0x0000000002094000-memory.dmp


    Score
    3/10
