danabot | 312f6356e84a66b37b45ee215003dcc0ef7e6ee64c86bd7acf7069818d98869a | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

312f6356e84a66b37b45ee215003dcc0ef7e6ee64c86bd7acf7069818d98869a
Size

1.0MB
Sample

210926-ztk9bsfda4
MD5

3f0c702ca97329dbd1058ee03554438c
SHA1

7144b00e3daf74537f320cc63ac27146f8f97db0
SHA256

312f6356e84a66b37b45ee215003dcc0ef7e6ee64c86bd7acf7069818d98869a
SHA512

da3f45c45d206e56c70f8b6a44a647eff252bfb8359dd000058177ec8741c33cbe285a1798bf0dc7f4b5ccb7ca52914ae022243aa63d3a0dcfafa501c1b93ad6

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

312f6356e84a66b37b45ee215003dcc0ef7e6ee64c86bd7acf7069818d98869a.exe

Resource

win10v20210408

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

23.254.144.209:443

192.236.194.86:443

142.11.192.232:443

Attributes

embedded_hash
0E1A7A1479C37094441FA911262B322A

rsa_privkey.plain

Targets

- Target
  
  312f6356e84a66b37b45ee215003dcc0ef7e6ee64c86bd7acf7069818d98869a
- Size
  
  1.0MB
- MD5
  
  3f0c702ca97329dbd1058ee03554438c
- SHA1
  
  7144b00e3daf74537f320cc63ac27146f8f97db0
- SHA256
  
  312f6356e84a66b37b45ee215003dcc0ef7e6ee64c86bd7acf7069818d98869a
- SHA512
  
  da3f45c45d206e56c70f8b6a44a647eff252bfb8359dd000058177ec8741c33cbe285a1798bf0dc7f4b5ccb7ca52914ae022243aa63d3a0dcfafa501c1b93ad6
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy