tvqyodlskqy.exe

General

Target: tvqyodlskqy.exe
Size: 1MB
Sample: 210926-pxw5wsegek
Score: 10/10
MD5: 1ccb04e0781f40686a84367247e42c6d
SHA1: 4d4969f830b9d74de4b943063d0a7fbea23f020d
SHA256: 9b68462224e951b51381fca03a21722bd7b4511ad495ba58700663944e8df9f2
SHA512: 89f0cd763783a65aff86eb83f3e9a5528cc2321cae1b1427db4196708f3566866cef56e7c09e2ca210c7b4eb6fe085d20b64910e25c4f6bd5a0a236aa68c1bdf

Targets
Target: tvqyodlskqy.exe

Signatures

  • Danabot: Danabot is a modular banking Trojan that has been linked with other malware.
  • Danabot Loader Component
  • Blocklisted process makes network request
  • Loads dropped DLL


MITRE ATT&CK Matrix

Collection | Command and Control | Credential Access | Defense Evasion | Discovery | Execution | Exfiltration | Impact | Initial Access | Lateral Movement | Persistence | Privilege Escalation

Tasks

  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10