Overview

overview

10

Static

static

SecuriteIn...86.dll

windows7_x64

8

SecuriteIn...86.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.Siggen9.46491.30495.5886

  • Size

    3.3MB

  • Sample

    201109-hasvbq7d1n

  • MD5

    3ce1a9571feef80297bd3c7c33e53476

  • SHA1

    bdc733c1c239adc0d10b89e630862f6fe692c189

  • SHA256

    ec4171872384e62627b06976f6e513650087c00e8c42f70d6b9d29b54e18a8e6

  • SHA512

    aee3109d59536bf0054a58a60f1a405c37fc08cfa16df1257dc79a771abc534458c78f71f2e54e3b0ad4a653669489537e24d42d98a9b2d63f8d2f81ad51e333

Score
10/10
danabotbankertrojan

Malware Config

Extracted

Family

danabot

C2

172.81.129.196

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

45.147.228.92
rsa_pubkey.plain

Targets

    • Target

      SecuriteInfo.com.Trojan.Siggen9.46491.30495.5886

    • Size

      3.3MB

    • MD5

      3ce1a9571feef80297bd3c7c33e53476

    • SHA1

      bdc733c1c239adc0d10b89e630862f6fe692c189

    • SHA256

      ec4171872384e62627b06976f6e513650087c00e8c42f70d6b9d29b54e18a8e6

    • SHA512

      aee3109d59536bf0054a58a60f1a405c37fc08cfa16df1257dc79a771abc534458c78f71f2e54e3b0ad4a653669489537e24d42d98a9b2d63f8d2f81ad51e333

    Score
    10/10
    danabotbankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks