Overview

overview

10

Static

static

SecuriteIn...18.dll

windows7_x64

8

SecuriteIn...18.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Variant.Graftor.752710.8384.15318

  • Size

    3.3MB

  • Sample

    201109-4k59awxlm6

  • MD5

    90ac2235ac7890cd0a7c39aedee49302

  • SHA1

    2e6a5a180e757ef69402d20ae21c7dfc5cf96950

  • SHA256

    214e3cd3db2fd521d7a66d0e4ede79c152870ff0330f839d01d7cc141cdc0a14

  • SHA512

    349d7cb55bfc05815d5949d8009c45e7fdd9665649b67ecd4a7162a2fa153fc09ca3ad17b3617b8c1df3a677c713ee6e701067a5fc2a8b5257b8678d88be96c7

Score
10/10
danabotbankertrojan

Malware Config

Extracted

Family

danabot

C2

172.81.129.196

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

45.147.228.92
rsa_pubkey.plain

Targets

    • Target

      SecuriteInfo.com.Variant.Graftor.752710.8384.15318

    • Size

      3.3MB

    • MD5

      90ac2235ac7890cd0a7c39aedee49302

    • SHA1

      2e6a5a180e757ef69402d20ae21c7dfc5cf96950

    • SHA256

      214e3cd3db2fd521d7a66d0e4ede79c152870ff0330f839d01d7cc141cdc0a14

    • SHA512

      349d7cb55bfc05815d5949d8009c45e7fdd9665649b67ecd4a7162a2fa153fc09ca3ad17b3617b8c1df3a677c713ee6e701067a5fc2a8b5257b8678d88be96c7

    Score
    10/10
    danabotbankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks