danabot | 9b68462224e951b51381fca03a21722bd7b4511ad495ba58700663944e8df9f2 | Triage

Submit
Reports

Overview

overview

Static

static

tvqyodlskqy.exe

windows7_x64

tvqyodlskqy.exe

windows10_x64

Sharing

General

Target

tvqyodlskqy.exe
Size

1.0MB
Sample

210926-pxw5wsegek
MD5

1ccb04e0781f40686a84367247e42c6d
SHA1

4d4969f830b9d74de4b943063d0a7fbea23f020d
SHA256

9b68462224e951b51381fca03a21722bd7b4511ad495ba58700663944e8df9f2
SHA512

89f0cd763783a65aff86eb83f3e9a5528cc2321cae1b1427db4196708f3566866cef56e7c09e2ca210c7b4eb6fe085d20b64910e25c4f6bd5a0a236aa68c1bdf

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

tvqyodlskqy.exe

Resource

win7v20210408

danabot banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tvqyodlskqy.exe

Resource

win10-en-20210920

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  tvqyodlskqy.exe
- Size
  
  1.0MB
- MD5
  
  1ccb04e0781f40686a84367247e42c6d
- SHA1
  
  4d4969f830b9d74de4b943063d0a7fbea23f020d
- SHA256
  
  9b68462224e951b51381fca03a21722bd7b4511ad495ba58700663944e8df9f2
- SHA512
  
  89f0cd763783a65aff86eb83f3e9a5528cc2321cae1b1427db4196708f3566866cef56e7c09e2ca210c7b4eb6fe085d20b64910e25c4f6bd5a0a236aa68c1bdf
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

behavioral2

danabotbankertrojan

© 2018-2024

Terms | Privacy