danabot | 938a3ebb1e0134070a4f75ea35eb5d083de6e419549b687725cac66220b0004c | Triage

Submit
Reports

Overview

overview

Static

static

F78E05D4.dll

windows7_x64

F78E05D4.dll

windows10_x64

Sharing

General

Target

F78E05D4.dll
Size

2.2MB
Sample

201109-mjkb6j4cz2
MD5

88d6e37ff27f0417402d8f5ca25bbcb9
SHA1

5ef6d17fa7171ec8018d13c968c570ff689645ff
SHA256

938a3ebb1e0134070a4f75ea35eb5d083de6e419549b687725cac66220b0004c
SHA512

37aa2c00ad2f791d29794d2b23430d72a3df4a90095d69b70fc13efadb413d21d4136adb7ffbf9d8d3286aaadcaf1355d1b04864b322378aa31944b35b68cea7

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

F78E05D4.dll

Resource

win7v20201028

danabot banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

F78E05D4.dll

Resource

win10v20201028

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

172.81.129.196

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

45.147.228.92

rsa_pubkey.plain

Targets

- Target
  
  F78E05D4.dll
- Size
  
  2.2MB
- MD5
  
  88d6e37ff27f0417402d8f5ca25bbcb9
- SHA1
  
  5ef6d17fa7171ec8018d13c968c570ff689645ff
- SHA256
  
  938a3ebb1e0134070a4f75ea35eb5d083de6e419549b687725cac66220b0004c
- SHA512
  
  37aa2c00ad2f791d29794d2b23430d72a3df4a90095d69b70fc13efadb413d21d4136adb7ffbf9d8d3286aaadcaf1355d1b04864b322378aa31944b35b68cea7
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

behavioral2

danabotbankertrojan

© 2018-2024

Terms | Privacy