danabot | f37ed3859c32357cecb9dc74905a1c402a29dbc8d2d2b53472b168ca26ab7814 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

f37ed3859c32357cecb9dc74905a1c402a29dbc8d2d2b53472b168ca26ab7814
Size

1.9MB
Sample

211125-tx1kjafgcm
MD5

fe87670bcb604ce78273292793f50129
SHA1

2e4d5d16ca026995c0862c755ad93d54488f695d
SHA256

f37ed3859c32357cecb9dc74905a1c402a29dbc8d2d2b53472b168ca26ab7814
SHA512

12cee37c4b40eacdba313680284108cb4a6ed030f86e9afb32d17283d1d23b1440127729dcf3ffc5160f26020f3d1da7abacfabe768d4f5f94598a95a276433e

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

f37ed3859c32357cecb9dc74905a1c402a29dbc8d2d2b53472b168ca26ab7814.dll

Resource

win10-en-20211014

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

185.117.90.36:443

193.42.36.59:443

193.56.146.53:443

185.106.123.228:443

Attributes

embedded_hash
07284E2A3AB3C2E1FFFBD425849BE150
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  f37ed3859c32357cecb9dc74905a1c402a29dbc8d2d2b53472b168ca26ab7814
- Size
  
  1.9MB
- MD5
  
  fe87670bcb604ce78273292793f50129
- SHA1
  
  2e4d5d16ca026995c0862c755ad93d54488f695d
- SHA256
  
  f37ed3859c32357cecb9dc74905a1c402a29dbc8d2d2b53472b168ca26ab7814
- SHA512
  
  12cee37c4b40eacdba313680284108cb4a6ed030f86e9afb32d17283d1d23b1440127729dcf3ffc5160f26020f3d1da7abacfabe768d4f5f94598a95a276433e
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy