danabot | db498d695a4bcbe00af29dd37b5b28ac4f2f6c9947fc9a5032ac6e1dc8416748 | Triage

Submit
Reports

Overview

overview

Static

static

db498d695a...48.exe

windows7_x64

db498d695a...48.exe

windows10_x64

Sharing

General

Target

db498d695a4bcbe00af29dd37b5b28ac4f2f6c9947fc9a5032ac6e1dc8416748
Size

632KB
Sample

210509-sbwfr9e7ps
MD5

0f40f2a441d6c25b01f5948e5f310cfb
SHA1

8b3d98cb40d6ceba5d16177e52db30f17f883965
SHA256

db498d695a4bcbe00af29dd37b5b28ac4f2f6c9947fc9a5032ac6e1dc8416748
SHA512

2dba18c2b32be8ce93e40544499c17894bd03ed0f0202bcbddfbe648c9310b278e2332b2ed41d87725bea00d3e6127a13c5ab66e885557c1a5f37d7f7961636b

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

db498d695a4bcbe00af29dd37b5b28ac4f2f6c9947fc9a5032ac6e1dc8416748.exe

Resource

win7v20210408

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

db498d695a4bcbe00af29dd37b5b28ac4f2f6c9947fc9a5032ac6e1dc8416748.exe

Resource

win10v20210410

danabot banker botnet trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

5.61.56.192

5.61.58.130

2.56.212.4

32.99.84.84

152.195.32.21

49.126.36.10

93.165.23.189

22.55.172.123

113.104.135.195

2.56.213.39

rsa_pubkey.plain

Targets

- Target
  
  db498d695a4bcbe00af29dd37b5b28ac4f2f6c9947fc9a5032ac6e1dc8416748
- Size
  
  632KB
- MD5
  
  0f40f2a441d6c25b01f5948e5f310cfb
- SHA1
  
  8b3d98cb40d6ceba5d16177e52db30f17f883965
- SHA256
  
  db498d695a4bcbe00af29dd37b5b28ac4f2f6c9947fc9a5032ac6e1dc8416748
- SHA512
  
  2dba18c2b32be8ce93e40544499c17894bd03ed0f0202bcbddfbe648c9310b278e2332b2ed41d87725bea00d3e6127a13c5ab66e885557c1a5f37d7f7961636b
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy