Extracted

• • Target

    2684e7971b92bd1b19265cf328b64ca8.exe

  • Size

    2.5MB

  • MD5

    2684e7971b92bd1b19265cf328b64ca8

  • SHA1

    141dde31d7e8f014b187bfbaa9d0d9abf5c9c2e8

  • SHA256

    95a90fbde8c6cc25ac3ebbc1bc9602a8a656a6c6d29e47378cca197c7018df02

  • SHA512

    37eae00d3006de093b1e236a5e506af322a94db677f59de29b5bd4d22c623b2bc4ddd34e8b042d62c9cdd082c0352aea94e06e346bbf75eb771a54b419ef0e37

  Score

  10^/10

  danabotbankerbotnettrojan

  • Danabot

    Danabot is a modular banking Trojan that has been linked with other malware.

    trojanbankerdanabot

  • Danabot x86 payload

    Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

    botnet

  • Suspicious use of NtCreateProcessExOtherParentProcess

  • Blocklisted process makes network request

  • Loads dropped DLL

  behavioral1behavioral2