danabot | 48a21edaff352d53605463841f739415187971b3dd2bf0feed7f5c922b949104 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

48a21edaff352d53605463841f739415187971b3dd2bf0feed7f5c922b949104
Size

1.0MB
Sample

210926-tte5esfbd2
MD5

ade05fb522e755083b91765182a61b3b
SHA1

590c4e1c7da966ed3d5e47b373a0b7906926eb64
SHA256

48a21edaff352d53605463841f739415187971b3dd2bf0feed7f5c922b949104
SHA512

e6ba593bc31fb568bb8f9f6486ca6f2682dd77f689e9d9c9c9d6dc6d387a265cfe3fd1fc91a6c427e52a89d2c4a9f3fa60c40c023fa47c02c93f46f8b44f5755

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

48a21edaff352d53605463841f739415187971b3dd2bf0feed7f5c922b949104.exe

Resource

win10-en-20210920

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

23.254.144.209:443

192.236.194.86:443

142.11.192.232:443

Attributes

embedded_hash
0E1A7A1479C37094441FA911262B322A

rsa_privkey.plain

Targets

- Target
  
  48a21edaff352d53605463841f739415187971b3dd2bf0feed7f5c922b949104
- Size
  
  1.0MB
- MD5
  
  ade05fb522e755083b91765182a61b3b
- SHA1
  
  590c4e1c7da966ed3d5e47b373a0b7906926eb64
- SHA256
  
  48a21edaff352d53605463841f739415187971b3dd2bf0feed7f5c922b949104
- SHA512
  
  e6ba593bc31fb568bb8f9f6486ca6f2682dd77f689e9d9c9c9d6dc6d387a265cfe3fd1fc91a6c427e52a89d2c4a9f3fa60c40c023fa47c02c93f46f8b44f5755
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy