danabot | 4642a926e0bf60e4e996601244c3bfcf397f213cc08fdfd90e64795f5f5ede0e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

4642a926e0bf60e4e996601244c3bfcf397f213cc08fdfd90e64795f5f5ede0e
Size

1.9MB
Sample

211125-vjkgtsfhek
MD5

53ae8c388fe67beda5e87110993bf101
SHA1

2156f07b6674888c4164fa2316fdcbe7f0455a20
SHA256

4642a926e0bf60e4e996601244c3bfcf397f213cc08fdfd90e64795f5f5ede0e
SHA512

1a3d019a7fc41510a8305651573d50bf41bd990071568dec372c5004cd65b149e51bccbdda1aa68fdd37a97074798996296d270ba8eecc6acd599d8df4847f1a

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

4642a926e0bf60e4e996601244c3bfcf397f213cc08fdfd90e64795f5f5ede0e.dll

Resource

win10-en-20211014

danabot banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

185.117.90.36:443

193.42.36.59:443

193.56.146.53:443

185.106.123.228:443

Attributes

embedded_hash
07284E2A3AB3C2E1FFFBD425849BE150
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  4642a926e0bf60e4e996601244c3bfcf397f213cc08fdfd90e64795f5f5ede0e
- Size
  
  1.9MB
- MD5
  
  53ae8c388fe67beda5e87110993bf101
- SHA1
  
  2156f07b6674888c4164fa2316fdcbe7f0455a20
- SHA256
  
  4642a926e0bf60e4e996601244c3bfcf397f213cc08fdfd90e64795f5f5ede0e
- SHA512
  
  1a3d019a7fc41510a8305651573d50bf41bd990071568dec372c5004cd65b149e51bccbdda1aa68fdd37a97074798996296d270ba8eecc6acd599d8df4847f1a
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy