General

  • Target

    8dbea1dbb96d435bdf102525efdfb988

  • Size

    1.8MB

  • Sample

    220105-thcvxsaggj

  • MD5

    8dbea1dbb96d435bdf102525efdfb988

  • SHA1

    cadf23a6ab9663b063cf6348a245d3fb0ed1631c

  • SHA256

    4d6d6199e2c3a26883a97fe9b5b0b947fa70254e4214bb9bea7065442ab9c0a1

  • SHA512

    4a24a9089396c6b7e1c7b7ea98754a720b5b845f74172c3291f902ca7da9025c9625cd6ed82df0b435bcfb4ca52b385d5bd169990847da2f8dbdbe32844097f9

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

4

C2

142.11.244.223:443

192.236.194.72:443

Attributes
  • embedded_hash

    0FA95F120D6EB149A5D48E36BC76879D

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      8dbea1dbb96d435bdf102525efdfb988

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Danabot Loader Component

    • Loads dropped DLL
