danabot | cd38592468e54623dc5c89529203dbc21ede6cfe95523d2f146449019288038c | Triage

Submit
Reports

Overview

overview

Static

static

d91c10b601...f3.exe

windows7_x64

d91c10b601...f3.exe

windows10_x64

Sharing

General

Target

d91c10b6010d6e7593974ae3278cbbf3.exe
Size

2.7MB
Sample

201109-s5fdvl35kx
MD5

d91c10b6010d6e7593974ae3278cbbf3
SHA1

1fd45fdbde1168b3c085805df7399398fc85b2cb
SHA256

cd38592468e54623dc5c89529203dbc21ede6cfe95523d2f146449019288038c
SHA512

3a231c2e9e9ba05c07c5229ef53dcd009bb876c661ba9af6f06bb6d48b2d0ee4570f5bcb956d7d011df9c77995ed3e18d70c104b579522df60cc53dc54ff74eb

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

d91c10b6010d6e7593974ae3278cbbf3.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d91c10b6010d6e7593974ae3278cbbf3.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

142.11.240.144

45.153.243.113

88.150.227.95

rsa_pubkey.plain

Targets

- Target
  
  d91c10b6010d6e7593974ae3278cbbf3.exe
- Size
  
  2.7MB
- MD5
  
  d91c10b6010d6e7593974ae3278cbbf3
- SHA1
  
  1fd45fdbde1168b3c085805df7399398fc85b2cb
- SHA256
  
  cd38592468e54623dc5c89529203dbc21ede6cfe95523d2f146449019288038c
- SHA512
  
  3a231c2e9e9ba05c07c5229ef53dcd009bb876c661ba9af6f06bb6d48b2d0ee4570f5bcb956d7d011df9c77995ed3e18d70c104b579522df60cc53dc54ff74eb
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy