3b2e2b369895d2fd94a07ef3c66978c5.exe

General
Target

3b2e2b369895d2fd94a07ef3c66978c5.exe

Size

1MB

Sample

220110-jtt88seaa5

Score
10 /10
MD5

3b2e2b369895d2fd94a07ef3c66978c5

SHA1

91a09480fad625eae27f4df3e6de3e7e2cfec949

SHA256

220952caf42db06de1b1b80c1f95884419ebd90a667a07fa8da6792db1404316

SHA512

1be44c64c59b7c7c1236e30aa88c989263f763511615022c0f4e5ff8e898a8e6a9a19dcd5ac5311af3b9438983b09ee301496ba78df774de154b410209104734

Malware Config

Extracted

Family danabot
Botnet 4
C2

192.119.110.4:443

103.175.16.113:443

Attributes
embedded_hash
422236FD601D11EE82825A484D26DD6F
type
loader
rsa_pubkey.plain
rsa_privkey.plain
Targets
Target

3b2e2b369895d2fd94a07ef3c66978c5.exe

MD5

3b2e2b369895d2fd94a07ef3c66978c5

Filesize

1MB

Score
10/10
SHA1

91a09480fad625eae27f4df3e6de3e7e2cfec949

SHA256

220952caf42db06de1b1b80c1f95884419ebd90a667a07fa8da6792db1404316

SHA512

1be44c64c59b7c7c1236e30aa88c989263f763511615022c0f4e5ff8e898a8e6a9a19dcd5ac5311af3b9438983b09ee301496ba78df774de154b410209104734

Tags

Signatures

  • Danabot

    Description

    Danabot is a modular banking Trojan that has been linked with other malware.

    Tags

  • Danabot Loader Component

  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          10/10

                          behavioral2

                          10/10