General

  • Target

    0009efe13eaf4dd3d091bc6e9ca7c1e7.exe

  • Size

    2.6MB

  • Sample

    201109-89hbsnsfc2

  • MD5

    0009efe13eaf4dd3d091bc6e9ca7c1e7

  • SHA1

    f2be84149784db1d1b7746afde07d781805bd35f

  • SHA256

    de30d86cff3d838162aa88112a946dfb3af84005dda6bbc70cee15e8dff70ba3

  • SHA512

    cf96410d5a528b52d92c37fac77ff3a8326ad6c2b3bbe00b44d55c758c5521870b9149b2fe8f743e6e7d90259eab5b3d19ed253abb8bea7660530c9b9ea70405

Malware Config

Extracted

Family

danabot

C2

92.204.160.54

2.56.213.179

45.153.186.47

93.115.21.29

185.45.193.50

193.34.166.247

rsa_pubkey.plain

Targets

    • Target

      0009efe13eaf4dd3d091bc6e9ca7c1e7.exe

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Danabot x86 payload

      Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

    • Blocklisted process makes network request

    • Loads dropped DLL
