danabot | 465e874f504c413d6971a48c1ba559d83cc622bd1884b18d1cae1cca608f42ab | Triage

Submit
Reports

Overview

overview

Static

static

80dddef3ba...ea.exe

windows7_x64

80dddef3ba...ea.exe

windows10_x64

Sharing

General

Target

80dddef3baccbd90d5dfd016cbe454ea.exe
Size

940KB
Sample

201109-c238htrn26
MD5

80dddef3baccbd90d5dfd016cbe454ea
SHA1

f6531c5a548e847c7876fa72d2689348e1bb6acb
SHA256

465e874f504c413d6971a48c1ba559d83cc622bd1884b18d1cae1cca608f42ab
SHA512

e32dcca39686a8c585158080aaaba56dbeb9464f03a4246eb28a136d91a232a09436fb7cd2e997e3662d6405b172b82fdf9dd507b5a1da1e73cdd103f4aa35ca

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

80dddef3baccbd90d5dfd016cbe454ea.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

80dddef3baccbd90d5dfd016cbe454ea.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

172.81.129.196

rsa_pubkey.plain

Targets

- Target
  
  80dddef3baccbd90d5dfd016cbe454ea.exe
- Size
  
  940KB
- MD5
  
  80dddef3baccbd90d5dfd016cbe454ea
- SHA1
  
  f6531c5a548e847c7876fa72d2689348e1bb6acb
- SHA256
  
  465e874f504c413d6971a48c1ba559d83cc622bd1884b18d1cae1cca608f42ab
- SHA512
  
  e32dcca39686a8c585158080aaaba56dbeb9464f03a4246eb28a136d91a232a09436fb7cd2e997e3662d6405b172b82fdf9dd507b5a1da1e73cdd103f4aa35ca
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy