danabot | f7e6d70e5553fb8c221304bf51126f457d4825194c4ef4f98915b28eb9942326 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...98.exe

windows7_x64

SecuriteIn...98.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Variant.Danabot.2.2137.10898
Size

940KB
Sample

201109-x2c1q4lhg6
MD5

999fca908879fea233a5f46522c939c1
SHA1

e1fc1a476a73487af582c7a920158ef8af361a30
SHA256

f7e6d70e5553fb8c221304bf51126f457d4825194c4ef4f98915b28eb9942326
SHA512

22419583ca49ec5db6e6d55f8e3e16dc1c4ec1a886e21c81527d96a6048a6fd3e147bb15fa4e87cce65ab87c85fc8d68d6bee4bbbc56b27f72d4806c5b53aeb8

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Variant.Danabot.2.2137.10898.exe

Resource

win7v20201028

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Variant.Danabot.2.2137.10898.exe

Resource

win10v20201028

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

54.38.22.65

192.99.219.207

51.255.134.130

192.236.179.73

23.82.140.201

172.81.129.196

rsa_pubkey.plain

Targets

- Target
  
  SecuriteInfo.com.Variant.Danabot.2.2137.10898
- Size
  
  940KB
- MD5
  
  999fca908879fea233a5f46522c939c1
- SHA1
  
  e1fc1a476a73487af582c7a920158ef8af361a30
- SHA256
  
  f7e6d70e5553fb8c221304bf51126f457d4825194c4ef4f98915b28eb9942326
- SHA512
  
  22419583ca49ec5db6e6d55f8e3e16dc1c4ec1a886e21c81527d96a6048a6fd3e147bb15fa4e87cce65ab87c85fc8d68d6bee4bbbc56b27f72d4806c5b53aeb8
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy