Extracted

• • Target

    SecuriteInfo.com.BehavesLike.Win32.Generic.vc.31846

  • Size

    2.6MB

  • MD5

    3aca8b56716ae3d03be877b9dd4729a6

  • SHA1

    fc0a13a5f18cb1b81a5ea67533a366ffceeda02b

  • SHA256

    a31934ff6fce423c793ab9d1e4bd4067986033e552ba36a7ea360dec57b83dd2

  • SHA512

    dfc89beca5485f96fa469b6985c69f402d5ca802a51e3218b862925cea747815642bdfcd899911d9542e38ee76483ce068a884164627403d150b7a21b3132117

  Score

  10^/10

  danabotbankerbotnettrojan

  • Danabot

    Danabot is a modular banking Trojan that has been linked with other malware.

    trojanbankerdanabot

  • Danabot x86 payload

    Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

    botnet

  • Suspicious use of NtCreateProcessExOtherParentProcess

  • Blocklisted process makes network request

  • Loads dropped DLL

  behavioral1behavioral2