c032032a6008322f58be7e4d80ff83e42b5b1dc66c5249bcf24cbc58e6264d72

General
Target

c032032a6008322f58be7e4d80ff83e42b5b1dc66c5249bcf24cbc58e6264d72

Size

1MB

Sample

220109-dbl71sdcf8

Score
10 /10
MD5

7f8d63b515602c453d4b82c506f2c9d6

SHA1

8c7d9cfae4b5d5283d85d339c417e4a9a9911a73

SHA256

c032032a6008322f58be7e4d80ff83e42b5b1dc66c5249bcf24cbc58e6264d72

SHA512

3bd87d5803ba8180216d522aeec6aa67b7d1df62c6e96d0d2800192f89b2ae577d6d95c6a0b6a96ccf2788de4d33acd642b461b60bfa11cbeb9c96e56a493bf8

Malware Config

Extracted

Family danabot
Botnet 4
C2

192.119.110.4:443

103.175.16.113:443

Attributes
embedded_hash
422236FD601D11EE82825A484D26DD6F
type
loader
rsa_pubkey.plain
rsa_privkey.plain
Targets
Target

c032032a6008322f58be7e4d80ff83e42b5b1dc66c5249bcf24cbc58e6264d72

MD5

7f8d63b515602c453d4b82c506f2c9d6

Filesize

1MB

Score
10/10
SHA1

8c7d9cfae4b5d5283d85d339c417e4a9a9911a73

SHA256

c032032a6008322f58be7e4d80ff83e42b5b1dc66c5249bcf24cbc58e6264d72

SHA512

3bd87d5803ba8180216d522aeec6aa67b7d1df62c6e96d0d2800192f89b2ae577d6d95c6a0b6a96ccf2788de4d33acd642b461b60bfa11cbeb9c96e56a493bf8

Tags

Signatures

  • Danabot

    Description

    Danabot is a modular banking Trojan that has been linked with other malware.

    Tags

  • Danabot Loader Component

  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          10/10