danabot | f38ab9b98774509a4d1dbadc3f5c9a5f927979736ff89dd5892b380a9f09738c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

f38ab9b98774509a4d1dbadc3f5c9a5f927979736ff89dd5892b380a9f09738c
Size

1.1MB
Sample

220112-h1ragsbfep
MD5

51913f93259de85f17d3590a8263589d
SHA1

c36fb4dade6e0c69e81b8e2f2a69090471c22f7a
SHA256

f38ab9b98774509a4d1dbadc3f5c9a5f927979736ff89dd5892b380a9f09738c
SHA512

dca6b3579463af33792171d29ecb711c7bef7e83efb38cf43c37b3dd654267847851223caeef5a260a596c5d9a27f14b59ba969ceb6a0678d2515a1b5f601c82

Score

10^/10

danabot 4 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

f38ab9b98774509a4d1dbadc3f5c9a5f927979736ff89dd5892b380a9f09738c.exe

Resource

win10-en-20211208

danabot 4 banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

Botnet

4

C2

209.127.27.22:443

103.175.16.114:443

103.175.16.113:443

Attributes

embedded_hash
422236FD601D11EE82825A484D26DD6F
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  f38ab9b98774509a4d1dbadc3f5c9a5f927979736ff89dd5892b380a9f09738c
- Size
  
  1.1MB
- MD5
  
  51913f93259de85f17d3590a8263589d
- SHA1
  
  c36fb4dade6e0c69e81b8e2f2a69090471c22f7a
- SHA256
  
  f38ab9b98774509a4d1dbadc3f5c9a5f927979736ff89dd5892b380a9f09738c
- SHA512
  
  dca6b3579463af33792171d29ecb711c7bef7e83efb38cf43c37b3dd654267847851223caeef5a260a596c5d9a27f14b59ba969ceb6a0678d2515a1b5f601c82
Score

10^/10

danabot 4 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot4bankertrojan

© 2018-2024

Terms | Privacy