Overview

overview

10

Static

static

SecuriteIn...90.dll

windows7_x64

8

SecuriteIn...90.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.Agent.ERAA.20169.30190

  • Size

    3.3MB

  • Sample

    201109-9emsyrs9ls

  • MD5

    90ce70f19c5a5a35fa82641578ae53cc

  • SHA1

    737c21990393d29e3eb068eadf924886771ed2a2

  • SHA256

    c8093c755d566699bd222c13ff5b01e952e31a1a2da2f37919550b1c3bd99833

  • SHA512

    23f2d2adf7c2daea982b5cc1f4ad50d790744dff818ea6ea5255d8b5fa3baf4203bd774e9d980054675f0f6a23f80b1c0e82a33e8d4832ce8b625c54b44dcace

Score
10/10
danabotbankertrojan

Malware Config

Extracted

Family

danabot

C2

172.81.129.196

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

45.147.228.92
rsa_pubkey.plain

Targets

    • Target

      SecuriteInfo.com.Trojan.Agent.ERAA.20169.30190

    • Size

      3.3MB

    • MD5

      90ce70f19c5a5a35fa82641578ae53cc

    • SHA1

      737c21990393d29e3eb068eadf924886771ed2a2

    • SHA256

      c8093c755d566699bd222c13ff5b01e952e31a1a2da2f37919550b1c3bd99833

    • SHA512

      23f2d2adf7c2daea982b5cc1f4ad50d790744dff818ea6ea5255d8b5fa3baf4203bd774e9d980054675f0f6a23f80b1c0e82a33e8d4832ce8b625c54b44dcace

    Score
    10/10
    danabotbankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks