danabot | 46c14ac886a864d3ff77606286c4ce983a060d57bcd07881ab299b1848918af5 | Triage

Submit
Reports

Overview

overview

Static

static

3bad137a2d...08.exe

windows7_x64

3bad137a2d...08.exe

windows10_x64

Sharing

General

Target

3bad137a2d5d20084fcf3fabf213ec08.exe
Size

1.0MB
Sample

201109-9x2ryq4tna
MD5

3bad137a2d5d20084fcf3fabf213ec08
SHA1

079a6f24108c97a32923369b9e0e348c39bbf5dd
SHA256

46c14ac886a864d3ff77606286c4ce983a060d57bcd07881ab299b1848918af5
SHA512

475caf00146c93795752f0771cccee342edb17f5bdd9a778b885a7e34bf97b10b2569065093984cfb716033a3943b0f7681b9fcc80d5ffb973f19d70b6191b03

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

3bad137a2d5d20084fcf3fabf213ec08.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3bad137a2d5d20084fcf3fabf213ec08.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

2.56.213.39

185.238.168.83

185.238.168.174

93.115.20.189

93.115.20.183

5.61.58.130

rsa_pubkey.plain

Targets

- Target
  
  3bad137a2d5d20084fcf3fabf213ec08.exe
- Size
  
  1.0MB
- MD5
  
  3bad137a2d5d20084fcf3fabf213ec08
- SHA1
  
  079a6f24108c97a32923369b9e0e348c39bbf5dd
- SHA256
  
  46c14ac886a864d3ff77606286c4ce983a060d57bcd07881ab299b1848918af5
- SHA512
  
  475caf00146c93795752f0771cccee342edb17f5bdd9a778b885a7e34bf97b10b2569065093984cfb716033a3943b0f7681b9fcc80d5ffb973f19d70b6191b03
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy