83a67ecd166b919255b264718993c284a3238971a24c939c45e0c525f3361a43.bin

General
Target

83a67ecd166b919255b264718993c284a3238971a24c939c45e0c525f3361a43.bin

Size

5MB

Sample

210125-ltafad7e5a

Score
10/10
MD5

3a4299537272d8671d85c99c17918e99

SHA1

93ff8577a13146091e40349fa523a6f54bd5fa2a

SHA256

83a67ecd166b919255b264718993c284a3238971a24c939c45e0c525f3361a43

SHA512

29011d41fdfc35cf3a4fe84fc08536bf1aa2afae2954227c58c53bbd922dcbfe256c43844e4153b56888f0e648dc57ad25d9bf15abe0dfb5796c2276b2ff1d28

Malware Config

Extracted

Family danabot
Version 1732
Botnet 21
C2

149.129.212.179:443

47.254.247.133:443

159.89.114.62:443

138.197.139.56:443

Attributes
embedded_hash
DE6DF8FA2198DD77CFD93D89D8ECC62D
rsa_pubkey.plain
rsa_pubkey.plain
Targets
Target

83a67ecd166b919255b264718993c284a3238971a24c939c45e0c525f3361a43.bin

Signatures

  • Danabot

    Description

    Danabot is a modular banking Trojan that has been linked with other malware.

  • Blocklisted process makes network request

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System, Credentials in Files
  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs

    Query Registry
  • Drops desktop.ini file(s)

MITRE ATT&CK Matrix

Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1: 10/10

behavioral1: 8/10