danabot | a7c37af821063d0a3be82a621e332f48c89bd83bec9c3ad092d4e357813c7e66 | Triage

Submit
Reports

Overview

overview

Static

static

2dfea66c53...38.exe

windows7_x64

2dfea66c53...38.exe

windows10_x64

Sharing

General

Target

2dfea66c532054e14a50066d4f278b38.exe
Size

2.6MB
Sample

201109-jj4j4b156e
MD5

2dfea66c532054e14a50066d4f278b38
SHA1

c1e577f41d4c06cee4cf0f2917682dfe81cb7ad9
SHA256

a7c37af821063d0a3be82a621e332f48c89bd83bec9c3ad092d4e357813c7e66
SHA512

30ce45d030ce432f9af5db35eaf79a9a56034b407d9eea8ab4e6ca554b3af8cd8136520590496841f3a547d525a1b120b4b3df5b025ca8a3b8b70570a2ba1123

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

2dfea66c532054e14a50066d4f278b38.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2dfea66c532054e14a50066d4f278b38.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

38.68.50.140

38.68.50.172

172.241.27.92

45.135.167.14

37.120.145.180

95.174.65.203

185.227.138.47

rsa_pubkey.plain

Targets

- Target
  
  2dfea66c532054e14a50066d4f278b38.exe
- Size
  
  2.6MB
- MD5
  
  2dfea66c532054e14a50066d4f278b38
- SHA1
  
  c1e577f41d4c06cee4cf0f2917682dfe81cb7ad9
- SHA256
  
  a7c37af821063d0a3be82a621e332f48c89bd83bec9c3ad092d4e357813c7e66
- SHA512
  
  30ce45d030ce432f9af5db35eaf79a9a56034b407d9eea8ab4e6ca554b3af8cd8136520590496841f3a547d525a1b120b4b3df5b025ca8a3b8b70570a2ba1123
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy