General
Target: Able2ExtractPro.exe
Size: 236.4MB
Sample: 241119-xleqgazfka
MD5: 501e18ebf35e79d49635098d798bdc22
SHA1: 7432faca9ef46ecd481075b384cd93653aee5f86
SHA256: bcc36eb4303cacfe2059ac6c6fd131fab78374640feb721d2b5e98fcccd77a05
SHA512: db066cd4a1a41ab8d61d2083a19bce3a0299805c525623baa0af83cac2d7fc1a307bb9cea1e963e427a79df28cf3c75e865f9b8939c22f01c739e2ed98afe6d7
SSDEEP: 3145728:6ZW39oISuin0oytQJBt4WE1ufL7W8mnwOKDoxHCTL:6w39oISuin0oRdJmEoE
Behavioral task
behavioral1
Sample: Able2ExtractPro.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
danabot
221.0.222.0:85
223.0.82.0:90
67.0.83.0:76
79.0.96.1:0
type: loader
Targets
Target: Able2ExtractPro.exe
Score: 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL