General

  • Target

    a91defb7b648925263051ec7fd201c94.exe

  • Size

    1.1MB

  • Sample

    220106-ww16sabhdj

  • MD5

    a91defb7b648925263051ec7fd201c94

  • SHA1

    76a5a4630de67311340bc86b5f3c04937a546015

  • SHA256

    de041e8c31ea6d8d05533730d1fa3ee11b74d3b98155693e19a68af8212c1ea2

  • SHA512

    2cf63e77e06ff98ee1bf91d54cd5094bcd6f81eeb3721fc3ffff18c315b195a99f7f1fdc8170d6f9ccb935f9b6d3cd14ad64b4985431037197fc0ba2f0356170

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

4

C2

142.11.244.223:443

192.236.194.72:443

192.119.110.4:443

Attributes
  • embedded_hash

    8357B947FCA843DB2D85EC29EDCDEF3C

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      a91defb7b648925263051ec7fd201c94.exe

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Loads dropped DLL
