danabot | 8b5118ba1223c3aa351e6def9781aa38a8ee565c6103c9e8db9c0db392afc6f5 | Triage

Submit
Reports

Overview

overview

Static

static

f03124efa7...96.exe

windows7_x64

f03124efa7...96.exe

windows10_x64

Sharing

General

Target

f03124efa7dc4f6beb866a3a5f3e2896.exe
Size

2.6MB
Sample

201109-4v4nfbem42
MD5

f03124efa7dc4f6beb866a3a5f3e2896
SHA1

24f1afa8536fbed461af1e549152d6e677b6c9f7
SHA256

8b5118ba1223c3aa351e6def9781aa38a8ee565c6103c9e8db9c0db392afc6f5
SHA512

204c4e894c035261f1392f565c895cd28330e7790512b2cf3b814de80b9d32aa2043e5a84c7a1f02e552710961a9cc71f89eed228ca9850eee56abf739037f7e

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

f03124efa7dc4f6beb866a3a5f3e2896.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f03124efa7dc4f6beb866a3a5f3e2896.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

38.68.50.140

38.68.50.172

172.241.27.92

45.135.167.14

37.120.145.180

95.174.65.203

185.227.138.47

rsa_pubkey.plain

Targets

- Target
  
  f03124efa7dc4f6beb866a3a5f3e2896.exe
- Size
  
  2.6MB
- MD5
  
  f03124efa7dc4f6beb866a3a5f3e2896
- SHA1
  
  24f1afa8536fbed461af1e549152d6e677b6c9f7
- SHA256
  
  8b5118ba1223c3aa351e6def9781aa38a8ee565c6103c9e8db9c0db392afc6f5
- SHA512
  
  204c4e894c035261f1392f565c895cd28330e7790512b2cf3b814de80b9d32aa2043e5a84c7a1f02e552710961a9cc71f89eed228ca9850eee56abf739037f7e
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy