danabot | d05d2b222162022fbc16d79cc5534bd94e5b8f400e446ddee763464e0de95839 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

d05d2b222162022fbc16d79cc5534bd94e5b8f400e446ddee763464e0de95839
Size

1.8MB
Sample

211125-tf8vksbad3
MD5

5f63a3b4fc81828b3bc937b8f37b4ad3
SHA1

88cda44cf9016d34f09f149d598965d3696a4fd3
SHA256

d05d2b222162022fbc16d79cc5534bd94e5b8f400e446ddee763464e0de95839
SHA512

6864fda7b6ebc0bc4d56ffbf81662363221c27b34256a2e78e056d4686059bc9ce62281ef11221aa32956b207dc3200de65eaed1ac4b60cce0bc38302bf7f025

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

d05d2b222162022fbc16d79cc5534bd94e5b8f400e446ddee763464e0de95839.exe

Resource

win10-en-20211014

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

142.11.244.223:443

23.106.122.139:443

Attributes

embedded_hash
0FA95F120D6EB149A5D48E36BC76879D
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  d05d2b222162022fbc16d79cc5534bd94e5b8f400e446ddee763464e0de95839
- Size
  
  1.8MB
- MD5
  
  5f63a3b4fc81828b3bc937b8f37b4ad3
- SHA1
  
  88cda44cf9016d34f09f149d598965d3696a4fd3
- SHA256
  
  d05d2b222162022fbc16d79cc5534bd94e5b8f400e446ddee763464e0de95839
- SHA512
  
  6864fda7b6ebc0bc4d56ffbf81662363221c27b34256a2e78e056d4686059bc9ce62281ef11221aa32956b207dc3200de65eaed1ac4b60cce0bc38302bf7f025
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Suspicious use of NtCreateProcessExOtherParentProcess
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy