danabot | 32c6cedefebc69003932d53b9527047d3a1bbd5ab2bd9c5641d3cc7bb9df10d4 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

32c6cedefebc69003932d53b9527047d3a1bbd5ab2bd9c5641d3cc7bb9df10d4
Size

1.1MB
Sample

220112-q5hg5scgej
MD5

722ab33bdfacbf936ffa60366d33e686
SHA1

0a3f8db0d8b4486c04616828c94e1916959380a7
SHA256

32c6cedefebc69003932d53b9527047d3a1bbd5ab2bd9c5641d3cc7bb9df10d4
SHA512

73f5698f7757ff7520c2fddf03e31f8d7a9c75012da3f9ade68ed0b76db768415a1b377a2a4ac6f0b410948905442686a4fe2375d766892fdf59b15ed28fb9d7

Score

10^/10

danabot 4 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

32c6cedefebc69003932d53b9527047d3a1bbd5ab2bd9c5641d3cc7bb9df10d4.exe

Resource

win10-en-20211208

danabot 4 banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

Botnet

4

C2

209.127.27.22:443

103.175.16.114:443

103.175.16.113:443

Attributes

embedded_hash
422236FD601D11EE82825A484D26DD6F
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  32c6cedefebc69003932d53b9527047d3a1bbd5ab2bd9c5641d3cc7bb9df10d4
- Size
  
  1.1MB
- MD5
  
  722ab33bdfacbf936ffa60366d33e686
- SHA1
  
  0a3f8db0d8b4486c04616828c94e1916959380a7
- SHA256
  
  32c6cedefebc69003932d53b9527047d3a1bbd5ab2bd9c5641d3cc7bb9df10d4
- SHA512
  
  73f5698f7757ff7520c2fddf03e31f8d7a9c75012da3f9ade68ed0b76db768415a1b377a2a4ac6f0b410948905442686a4fe2375d766892fdf59b15ed28fb9d7
Score

10^/10

danabot 4 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot4bankertrojan

© 2018-2024

Terms | Privacy