danabot | d076723f1269a1387c69018f4a3fac024b73176f8403372d06a7d58ade52d64e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

d076723f1269a1387c69018f4a3fac024b73176f8403372d06a7d58ade52d64e
Size

1.1MB
Sample

211021-yd6dwsaff4
MD5

8221e011ca9356d2f6f7126eb13553d1
SHA1

73c2e0986be301d0552b8f6662bd786a85cea382
SHA256

d076723f1269a1387c69018f4a3fac024b73176f8403372d06a7d58ade52d64e
SHA512

b87f95122f40708a1b879fa03c8d8f27dd002dae575c684bf06958c4ce93ccf4be04540b51bafab759d61a28cab28f814d12080619ecfac76973a48305a2704a

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

d076723f1269a1387c69018f4a3fac024b73176f8403372d06a7d58ade52d64e.exe

Resource

win10-en-20211014

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

192.119.110.73:443

192.236.147.159:443

192.210.222.88:443

Attributes

embedded_hash
F4711E27D559B4AEB1A081A1EB0AC465
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  d076723f1269a1387c69018f4a3fac024b73176f8403372d06a7d58ade52d64e
- Size
  
  1.1MB
- MD5
  
  8221e011ca9356d2f6f7126eb13553d1
- SHA1
  
  73c2e0986be301d0552b8f6662bd786a85cea382
- SHA256
  
  d076723f1269a1387c69018f4a3fac024b73176f8403372d06a7d58ade52d64e
- SHA512
  
  b87f95122f40708a1b879fa03c8d8f27dd002dae575c684bf06958c4ce93ccf4be04540b51bafab759d61a28cab28f814d12080619ecfac76973a48305a2704a
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy