danabot | 220952caf42db06de1b1b80c1f95884419ebd90a667a07fa8da6792db1404316 | Triage

Submit
Reports

Overview

overview

Static

static

3b2e2b3698...c5.exe

windows7_x64

3b2e2b3698...c5.exe

windows10_x64

Sharing

General

Target

3b2e2b369895d2fd94a07ef3c66978c5.exe
Size

1.1MB
Sample

220110-jtt88seaa5
MD5

3b2e2b369895d2fd94a07ef3c66978c5
SHA1

91a09480fad625eae27f4df3e6de3e7e2cfec949
SHA256

220952caf42db06de1b1b80c1f95884419ebd90a667a07fa8da6792db1404316
SHA512

1be44c64c59b7c7c1236e30aa88c989263f763511615022c0f4e5ff8e898a8e6a9a19dcd5ac5311af3b9438983b09ee301496ba78df774de154b410209104734

Score

10^/10

danabot 4 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

3b2e2b369895d2fd94a07ef3c66978c5.exe

Resource

win7-en-20211208

danabot 4 banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3b2e2b369895d2fd94a07ef3c66978c5.exe

Resource

win10-en-20211208

danabot 4 banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

Botnet

4

C2

192.119.110.4:443

103.175.16.113:443

Attributes

embedded_hash
422236FD601D11EE82825A484D26DD6F
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  3b2e2b369895d2fd94a07ef3c66978c5.exe
- Size
  
  1.1MB
- MD5
  
  3b2e2b369895d2fd94a07ef3c66978c5
- SHA1
  
  91a09480fad625eae27f4df3e6de3e7e2cfec949
- SHA256
  
  220952caf42db06de1b1b80c1f95884419ebd90a667a07fa8da6792db1404316
- SHA512
  
  1be44c64c59b7c7c1236e30aa88c989263f763511615022c0f4e5ff8e898a8e6a9a19dcd5ac5311af3b9438983b09ee301496ba78df774de154b410209104734
Score

10^/10

danabot 4 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot4bankertrojan

behavioral2

danabot4bankertrojan

© 2018-2024

Terms | Privacy