danabot | ec4171872384e62627b06976f6e513650087c00e8c42f70d6b9d29b54e18a8e6 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...86.dll

windows7_x64

8

SecuriteIn...86.dll

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Trojan.Siggen9.46491.30495.5886
Size

3.3MB
Sample

201109-hasvbq7d1n
MD5

3ce1a9571feef80297bd3c7c33e53476
SHA1

bdc733c1c239adc0d10b89e630862f6fe692c189
SHA256

ec4171872384e62627b06976f6e513650087c00e8c42f70d6b9d29b54e18a8e6
SHA512

aee3109d59536bf0054a58a60f1a405c37fc08cfa16df1257dc79a771abc534458c78f71f2e54e3b0ad4a653669489537e24d42d98a9b2d63f8d2f81ad51e333

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.Siggen9.46491.30495.5886.dll

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.Siggen9.46491.30495.5886.dll

Resource

win10v20201028

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

172.81.129.196

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

45.147.228.92

rsa_pubkey.plain

Targets

- Target
  
  SecuriteInfo.com.Trojan.Siggen9.46491.30495.5886
- Size
  
  3.3MB
- MD5
  
  3ce1a9571feef80297bd3c7c33e53476
- SHA1
  
  bdc733c1c239adc0d10b89e630862f6fe692c189
- SHA256
  
  ec4171872384e62627b06976f6e513650087c00e8c42f70d6b9d29b54e18a8e6
- SHA512
  
  aee3109d59536bf0054a58a60f1a405c37fc08cfa16df1257dc79a771abc534458c78f71f2e54e3b0ad4a653669489537e24d42d98a9b2d63f8d2f81ad51e333
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

danabotbankertrojan

© 2018-2024

Terms | Privacy