danabot | a1b70b52de7803c658fc787bb2e18305fb93b40e4b38feaefb5234abebcd3721 | Triage

Submit
Reports

Overview

overview

Static

static

RgNOzTfNPzRgNPzRg.dll

windows7_x64

RgNOzTfNPzRgNPzRg.dll

windows10_x64

Sharing

General

Target

RgNOzTfNPzRgNPzRg.dll
Size

2.2MB
Sample

201109-nh9m5qwlea
MD5

f69ae2857fd443a32acdf97fa08076f1
SHA1

ab9dfa582b8b3a4a80b476170518213600167cf4
SHA256

a1b70b52de7803c658fc787bb2e18305fb93b40e4b38feaefb5234abebcd3721
SHA512

2ec6154be4839135f903b691aea477f3da78a5a9f18eee2d6a3cf76962cb71a83fcd09c8df8ea159a0447fca376aed79d4773a8e3d6f1c2d35b5089b65742b81

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

RgNOzTfNPzRgNPzRg.dll

Resource

win7v20201028

danabot banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

RgNOzTfNPzRgNPzRg.dll

Resource

win10v20201028

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

172.81.129.196

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

45.147.228.92

rsa_pubkey.plain

Targets

- Target
  
  RgNOzTfNPzRgNPzRg.dll
- Size
  
  2.2MB
- MD5
  
  f69ae2857fd443a32acdf97fa08076f1
- SHA1
  
  ab9dfa582b8b3a4a80b476170518213600167cf4
- SHA256
  
  a1b70b52de7803c658fc787bb2e18305fb93b40e4b38feaefb5234abebcd3721
- SHA512
  
  2ec6154be4839135f903b691aea477f3da78a5a9f18eee2d6a3cf76962cb71a83fcd09c8df8ea159a0447fca376aed79d4773a8e3d6f1c2d35b5089b65742b81
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

behavioral2

danabotbankertrojan

© 2018-2024

Terms | Privacy