General

Target: 46f780418896a455d2de3f6f4bcd58c8.exe
Size: 1MB
Sample: 210730-je9ehvk8xe
Score: 10/10
MD5: 46f780418896a455d2de3f6f4bcd58c8
SHA1: 2e3eee8b2ed1c38d2576081c248548a1c014ed88
SHA256: c0adc2099ae21ac92cb680941eba342bdc73a7ca10bffd888c2fcae2e53bae9a
SHA512: 8bfd6522f682c5cdb591e466d3a99aa6e1d5276fa27f800b3c935af0c969de13bd3d564afa468ecefa84a295e2471d8350970d4e460211557e89e2fa65199708

Malware Config

Extracted

Family: danabot
C2:
  142.11.244.124:443
  142.11.206.50:443
Attributes:
  embedded_hash: 6AD9FE4F9E491E785665E0D144F61DAB
  rsa_pubkey.plain
  rsa_privkey.plain

Signatures

  • Danabot: Danabot is a modular banking Trojan that has been linked with other malware.

  • Danabot Loader Component

  • Blocklisted process makes network request

  • Loads dropped DLL

MITRE ATT&CK Matrix

Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1: Score N/A
behavioral1: Score 10/10
behavioral2: Score 10/10