danabot | 8c98355387cdad4550e82d642575634034955262583962b63617d8e2d79956bd | Triage

Submit
Reports

Overview

overview

Static

static

5f8c7a8a80...39.exe

windows7_x64

5f8c7a8a80...39.exe

windows10_x64

Sharing

General

Target

5f8c7a8a8095a14d504172acff266239.exe
Size

1.0MB
Sample

201109-bk2s3wg6b6
MD5

5f8c7a8a8095a14d504172acff266239
SHA1

a7dadbba24f6b98f84b073f999dab22c9c8ecfd4
SHA256

8c98355387cdad4550e82d642575634034955262583962b63617d8e2d79956bd
SHA512

7fd6934999f755ca9bdbe02b98b3707febca1d8134f0461137eccf5e6a575fd9826a544805ef23ef9e8b05b47d3e6b2446d37d5fed1d6b228067c4d89111e134

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

5f8c7a8a8095a14d504172acff266239.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5f8c7a8a8095a14d504172acff266239.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

2.56.213.39

185.238.168.83

185.238.168.174

93.115.20.189

93.115.20.183

5.61.58.130

rsa_pubkey.plain

Targets

- Target
  
  5f8c7a8a8095a14d504172acff266239.exe
- Size
  
  1.0MB
- MD5
  
  5f8c7a8a8095a14d504172acff266239
- SHA1
  
  a7dadbba24f6b98f84b073f999dab22c9c8ecfd4
- SHA256
  
  8c98355387cdad4550e82d642575634034955262583962b63617d8e2d79956bd
- SHA512
  
  7fd6934999f755ca9bdbe02b98b3707febca1d8134f0461137eccf5e6a575fd9826a544805ef23ef9e8b05b47d3e6b2446d37d5fed1d6b228067c4d89111e134
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy