danabot | 866cc919f19b7c69e5df4f71e45d1fa6e29b432bc4ce5d91c3dcf7b850efa071 | Triage

Submit
Reports

Overview

overview

Static

static

41c1de9a20...95.exe

windows7_x64

41c1de9a20...95.exe

windows10_x64

Sharing

General

Target

41c1de9a20f1e4083884825f4329dd95.exe
Size

2.7MB
Sample

201109-4qz6vmm4y2
MD5

41c1de9a20f1e4083884825f4329dd95
SHA1

551686ccbd2974579b788b44df091933e62afb7d
SHA256

866cc919f19b7c69e5df4f71e45d1fa6e29b432bc4ce5d91c3dcf7b850efa071
SHA512

75c150cfc72af2f493839711b2495079683e9d282b7f2a7f18369ec831697dc285b4a2d5acd5e063c1cadcdbc33630a314abe6a6f9e08bee0b12ec518b87d260

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

41c1de9a20f1e4083884825f4329dd95.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

41c1de9a20f1e4083884825f4329dd95.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

185.227.138.47

38.68.50.140

2.56.212.64

38.68.50.172

172.241.27.92

193.34.167.159

179.43.133.50

rsa_pubkey.plain

Targets

- Target
  
  41c1de9a20f1e4083884825f4329dd95.exe
- Size
  
  2.7MB
- MD5
  
  41c1de9a20f1e4083884825f4329dd95
- SHA1
  
  551686ccbd2974579b788b44df091933e62afb7d
- SHA256
  
  866cc919f19b7c69e5df4f71e45d1fa6e29b432bc4ce5d91c3dcf7b850efa071
- SHA512
  
  75c150cfc72af2f493839711b2495079683e9d282b7f2a7f18369ec831697dc285b4a2d5acd5e063c1cadcdbc33630a314abe6a6f9e08bee0b12ec518b87d260
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy