danabot | 720b101eeb0fd61433a644563ad541e1923a202a1116fda126534e89a805136c | Triage

Submit
Reports

Overview

overview

Static

static

b5db056c85...22.exe

windows7_x64

b5db056c85...22.exe

windows10_x64

Sharing

General

Target

b5db056c8577690dc8a9c4cdf00a6f22.exe
Size

2.7MB
Sample

201109-sv7jyb6lse
MD5

b5db056c8577690dc8a9c4cdf00a6f22
SHA1

5dfb02a273cc06c8b6405d91ba123934098bcbea
SHA256

720b101eeb0fd61433a644563ad541e1923a202a1116fda126534e89a805136c
SHA512

b5fa3b86540a3a8f058ecb3ef7e962eabca92b8076ca174e72c33b3c2e1a7164c7a2f333fdc0c5f3e8a2118c613209b7be308608304c3711ed869e492a973228

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

b5db056c8577690dc8a9c4cdf00a6f22.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b5db056c8577690dc8a9c4cdf00a6f22.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

51.77.7.204

51.178.195.151

51.222.39.81

185.227.138.47

rsa_pubkey.plain

Targets

- Target
  
  b5db056c8577690dc8a9c4cdf00a6f22.exe
- Size
  
  2.7MB
- MD5
  
  b5db056c8577690dc8a9c4cdf00a6f22
- SHA1
  
  5dfb02a273cc06c8b6405d91ba123934098bcbea
- SHA256
  
  720b101eeb0fd61433a644563ad541e1923a202a1116fda126534e89a805136c
- SHA512
  
  b5fa3b86540a3a8f058ecb3ef7e962eabca92b8076ca174e72c33b3c2e1a7164c7a2f333fdc0c5f3e8a2118c613209b7be308608304c3711ed869e492a973228
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy