danabot | c93e7028a1fa69efc978b71587df57ad05d06b9e290c33329c5f3fa83e10e247 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...99.dll

windows7_x64

8

SecuriteIn...99.dll

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Trojan.Siggen9.44470.4073.18299
Size

758KB
Sample

200625-ldrtsv7fks
MD5

6d0e6befc551c292aeaa921202969e8d
SHA1

4c47d52c7f4e3e7c98395bca40f7177f7a7671e8
SHA256

c93e7028a1fa69efc978b71587df57ad05d06b9e290c33329c5f3fa83e10e247
SHA512

c8333267a344d6d27b00db9c813ff397df829be4a1884bbeb613fd9f70c5ce44b7ed54fce6439a0ffab744a2ba59cb1947cfd40bc2f8e8e4e3051632d11c4aab

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.Siggen9.44470.4073.18299.dll

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.Siggen9.44470.4073.18299.dll

Resource

win10

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

45.11.183.43

185.101.92.195

185.101.92.201

rsa_pubkey.plain

Targets

- Target
  
  SecuriteInfo.com.Trojan.Siggen9.44470.4073.18299
- Size
  
  758KB
- MD5
  
  6d0e6befc551c292aeaa921202969e8d
- SHA1
  
  4c47d52c7f4e3e7c98395bca40f7177f7a7671e8
- SHA256
  
  c93e7028a1fa69efc978b71587df57ad05d06b9e290c33329c5f3fa83e10e247
- SHA512
  
  c8333267a344d6d27b00db9c813ff397df829be4a1884bbeb613fd9f70c5ce44b7ed54fce6439a0ffab744a2ba59cb1947cfd40bc2f8e8e4e3051632d11c4aab
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

danabotbankertrojan

© 2018-2024

Terms | Privacy