danabot | fc3bbac32a466177b1575504b966baf11e8b7c3aafc4f755818591fb35aaf5d4 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

fc3bbac32a466177b1575504b966baf11e8b7c3aafc4f755818591fb35aaf5d4
Size

1.8MB
Sample

211118-xhc3gafbej
MD5

ab31c2d598849285e601ef678552ee29
SHA1

e732ba422aa5a6c6abc13685e7cda9ac7d43b1a5
SHA256

fc3bbac32a466177b1575504b966baf11e8b7c3aafc4f755818591fb35aaf5d4
SHA512

a3069dc5aff9e084a4a1c3e088837d3c46ca6c812ed1c2ed85cb3aac5e6785d57a5444dec71ba8a98084015a30faf9abf7b2e43ea97cf5a00ef96b0c00241eb2

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

fc3bbac32a466177b1575504b966baf11e8b7c3aafc4f755818591fb35aaf5d4.exe

Resource

win10-en-20211104

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

192.119.110.73:443

192.236.192.201:443

Attributes

embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  fc3bbac32a466177b1575504b966baf11e8b7c3aafc4f755818591fb35aaf5d4
- Size
  
  1.8MB
- MD5
  
  ab31c2d598849285e601ef678552ee29
- SHA1
  
  e732ba422aa5a6c6abc13685e7cda9ac7d43b1a5
- SHA256
  
  fc3bbac32a466177b1575504b966baf11e8b7c3aafc4f755818591fb35aaf5d4
- SHA512
  
  a3069dc5aff9e084a4a1c3e088837d3c46ca6c812ed1c2ed85cb3aac5e6785d57a5444dec71ba8a98084015a30faf9abf7b2e43ea97cf5a00ef96b0c00241eb2
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Suspicious use of NtCreateProcessExOtherParentProcess
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy