General

  • Target

    669f064aec912f72385f9e7723d431dfc2c38699c1f7add014b1031032e9965c

  • Size

    1.1MB

  • Sample

    220113-af9mbsege8

  • MD5

    4698c5d4fd0259b7e65d925bbd67c4ea

  • SHA1

    fdcd44b4179e4498162f279e72317a431f6c6567

  • SHA256

    669f064aec912f72385f9e7723d431dfc2c38699c1f7add014b1031032e9965c

  • SHA512

    3f3a262411f0eed0f5f1e121a3db54b552379f577d8c1059a8ab88eb690177d2639c8dcd47709a5b4cce138ab327e2af8b79fc894eae3034371dd31752b7393e

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

4

C2

103.175.16.113:443

103.175.16.114:443

Attributes
  • embedded_hash

    422236FD601D11EE82825A484D26DD6F

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      669f064aec912f72385f9e7723d431dfc2c38699c1f7add014b1031032e9965c

    • Size

      1.1MB

    • MD5

      4698c5d4fd0259b7e65d925bbd67c4ea

    • SHA1

      fdcd44b4179e4498162f279e72317a431f6c6567

    • SHA256

      669f064aec912f72385f9e7723d431dfc2c38699c1f7add014b1031032e9965c

    • SHA512

      3f3a262411f0eed0f5f1e121a3db54b552379f577d8c1059a8ab88eb690177d2639c8dcd47709a5b4cce138ab327e2af8b79fc894eae3034371dd31752b7393e

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Danabot Loader Component

    • Loads dropped DLL

MITRE ATT&CK Matrix

Tasks