danabot | ed22f2dca8b71427cc4b0f0124fb4bcbe7790e83a3617a596befc79e5040c92a | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...90.exe

windows7_x64

SecuriteIn...90.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Generic.mg.cc71bdb3d4b7d7ee.16690
Size

2.6MB
Sample

200624-zsx629g6ea
MD5

cc71bdb3d4b7d7ee07e7a930604ec05e
SHA1

bc9df0208c08ace9a910fbe8507bba1ab1588b5d
SHA256

ed22f2dca8b71427cc4b0f0124fb4bcbe7790e83a3617a596befc79e5040c92a
SHA512

0939eab2fbf98d2b5186ecfba3297debbcf37a57ac0dc319078d7a36fa73f6b6e81b357c8f8dc816974327051c7d36fda7bc4b217edd563f0ce923772eb347e7

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Generic.mg.cc71bdb3d4b7d7ee.16690.exe

Resource

win7v200430

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Generic.mg.cc71bdb3d4b7d7ee.16690.exe

Resource

win10

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

92.204.160.126

193.34.166.26

93.115.22.159

93.115.22.165

185.227.138.52

rsa_pubkey.plain

Targets

- Target
  
  SecuriteInfo.com.Generic.mg.cc71bdb3d4b7d7ee.16690
- Size
  
  2.6MB
- MD5
  
  cc71bdb3d4b7d7ee07e7a930604ec05e
- SHA1
  
  bc9df0208c08ace9a910fbe8507bba1ab1588b5d
- SHA256
  
  ed22f2dca8b71427cc4b0f0124fb4bcbe7790e83a3617a596befc79e5040c92a
- SHA512
  
  0939eab2fbf98d2b5186ecfba3297debbcf37a57ac0dc319078d7a36fa73f6b6e81b357c8f8dc816974327051c7d36fda7bc4b217edd563f0ce923772eb347e7
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Suspicious use of NtCreateProcessExOtherParentProcess
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy