fca6217cf8955755dadcff890704ac98883879c24da212b9ef3aaed402e1566e

General
Target

fca6217cf8955755dadcff890704ac98883879c24da212b9ef3aaed402e1566e

Size

1MB

Sample

220113-qrzt9saeb2

Score
10 /10
MD5

a5fb0a37f7ac9d8efe9c6dc4b5075777

SHA1

00a4ce2ac284e2cebf56d60398868435fb560cbd

SHA256

fca6217cf8955755dadcff890704ac98883879c24da212b9ef3aaed402e1566e

SHA512

31799ab34f71c93f826bf5a25c1dc149bea00755cc671cde2de9847579bdcdecfce67da17aad4ce1a5578d5fcbe5dba6737471422155dedbd33130572f42d821

Malware Config

Extracted

Family danabot
Botnet 4
C2

103.175.16.113:443

103.175.16.114:443

Attributes
embedded_hash
422236FD601D11EE82825A484D26DD6F
type
loader
rsa_pubkey.plain
rsa_privkey.plain
Targets
Target

fca6217cf8955755dadcff890704ac98883879c24da212b9ef3aaed402e1566e

MD5

a5fb0a37f7ac9d8efe9c6dc4b5075777

Filesize

1MB

Score
10/10
SHA1

00a4ce2ac284e2cebf56d60398868435fb560cbd

SHA256

fca6217cf8955755dadcff890704ac98883879c24da212b9ef3aaed402e1566e

SHA512

31799ab34f71c93f826bf5a25c1dc149bea00755cc671cde2de9847579bdcdecfce67da17aad4ce1a5578d5fcbe5dba6737471422155dedbd33130572f42d821

Tags

Signatures

  • Danabot

    Description

    Danabot is a modular banking Trojan that has been linked with other malware.

    Tags

  • Danabot Loader Component

  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          10/10