danabot | c8093c755d566699bd222c13ff5b01e952e31a1a2da2f37919550b1c3bd99833 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...90.dll

windows7_x64

8

SecuriteIn...90.dll

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Trojan.Agent.ERAA.20169.30190
Size

3.3MB
Sample

201109-9emsyrs9ls
MD5

90ce70f19c5a5a35fa82641578ae53cc
SHA1

737c21990393d29e3eb068eadf924886771ed2a2
SHA256

c8093c755d566699bd222c13ff5b01e952e31a1a2da2f37919550b1c3bd99833
SHA512

23f2d2adf7c2daea982b5cc1f4ad50d790744dff818ea6ea5255d8b5fa3baf4203bd774e9d980054675f0f6a23f80b1c0e82a33e8d4832ce8b625c54b44dcace

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.Agent.ERAA.20169.30190.dll

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.Agent.ERAA.20169.30190.dll

Resource

win10v20201028

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

172.81.129.196

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

45.147.228.92

rsa_pubkey.plain

Targets

- Target
  
  SecuriteInfo.com.Trojan.Agent.ERAA.20169.30190
- Size
  
  3.3MB
- MD5
  
  90ce70f19c5a5a35fa82641578ae53cc
- SHA1
  
  737c21990393d29e3eb068eadf924886771ed2a2
- SHA256
  
  c8093c755d566699bd222c13ff5b01e952e31a1a2da2f37919550b1c3bd99833
- SHA512
  
  23f2d2adf7c2daea982b5cc1f4ad50d790744dff818ea6ea5255d8b5fa3baf4203bd774e9d980054675f0f6a23f80b1c0e82a33e8d4832ce8b625c54b44dcace
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

danabotbankertrojan

© 2018-2024

Terms | Privacy