General

  • Target

    f601ad405d65674d3fdd6d9625770487.exe

  • Size

    1.1MB

  • Sample

    220109-k7bvgsdggn

  • MD5

    f601ad405d65674d3fdd6d9625770487

  • SHA1

    2d5a12ef12b560d3bb634fa37d78951169113949

  • SHA256

    2a009cecbb0b5f61ac6956e12a8ffd880a5c6c5fcce207d48a39dec829daff6d

  • SHA512

    1347e26b67ed12d3173196aaca8e9fcad5bb8f6ed17e0482c5b5e33ddbecb19b954d46fcea4ff9e07e7d116b2c3ba351a1ce3aae294e4ce9e176797115a8171f

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

4

C2

192.119.110.4:443

103.175.16.113:443

Attributes
  • embedded_hash

    422236FD601D11EE82825A484D26DD6F

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      f601ad405d65674d3fdd6d9625770487.exe

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Danabot Loader Component

    • Loads dropped DLL
