General

  • Target

    a5976d1948376946db83e75c050bbbd8ee6debfe5b719fd9d433a6355edef209

  • Size

    1.1MB

  • Sample

    220113-sqzh8abah7

  • MD5

    529aa365cda65ab7bfc08d8d7b6dbfd8

  • SHA1

    7ca701360a398ac3ff07b5c8923f2693e355b4ca

  • SHA256

    a5976d1948376946db83e75c050bbbd8ee6debfe5b719fd9d433a6355edef209

  • SHA512

    27c15dbfabf4395aaaaed9724e97cd10b773f1089505e1e16bedfcdd449761c2a75426fd8645dd86f4124fe966eec85a4aacd641eaa9ede9d3948c460650de90

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

4

C2

103.175.16.113:443

103.175.16.114:443

Attributes
  • embedded_hash

    422236FD601D11EE82825A484D26DD6F

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      a5976d1948376946db83e75c050bbbd8ee6debfe5b719fd9d433a6355edef209

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Danabot Loader Component

    • Loads dropped DLL
