Overview

overview

10

Static

static

12f1cb1801...68.exe

windows7_x64

10

12f1cb1801...68.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    12f1cb18016343fe5ec091c042b31668.exe

  • Size

    2.6MB

  • Sample

    201109-wbep91sgps

  • MD5

    12f1cb18016343fe5ec091c042b31668

  • SHA1

    84d515f65d5e6eb057f2c267be836af04b353b60

  • SHA256

    d447a466b5bed2daffcd7a3ea6fea93a8d9fa32d62eadbf834d3a8713da05a4a

  • SHA512

    a2b7c47ea0d2ea0ab15c22b776998aed2b5cd1b06da3d02839fc315b049cda7cd955f16439f1b3565a9fe8d1d68acd7ca2ff337aa2ad301b7f21ebead10fb0ed

Score
10/10
danabotbankerbotnettrojan

Malware Config

Extracted

Family

danabot

C2

38.68.50.140

38.68.50.172

172.241.27.92

45.135.167.14

37.120.145.180

95.174.65.203

185.227.138.47
rsa_pubkey.plain

Targets

    • Target

      12f1cb18016343fe5ec091c042b31668.exe

    • Size

      2.6MB

    • MD5

      12f1cb18016343fe5ec091c042b31668

    • SHA1

      84d515f65d5e6eb057f2c267be836af04b353b60

    • SHA256

      d447a466b5bed2daffcd7a3ea6fea93a8d9fa32d62eadbf834d3a8713da05a4a

    • SHA512

      a2b7c47ea0d2ea0ab15c22b776998aed2b5cd1b06da3d02839fc315b049cda7cd955f16439f1b3565a9fe8d1d68acd7ca2ff337aa2ad301b7f21ebead10fb0ed

    Score
    10/10
    danabotbankerbotnettrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Danabot x86 payload

      Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

      botnet

    • Blocklisted process makes network request

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks