a5976d1948376946db83e75c050bbbd8ee6debfe5b719fd9d433a6355edef209

Target

Size

1MB

Sample

220113-sqzh8abah7

Score

10 ^/10

MD5

529aa365cda65ab7bfc08d8d7b6dbfd8

SHA1

7ca701360a398ac3ff07b5c8923f2693e355b4ca

SHA256

a5976d1948376946db83e75c050bbbd8ee6debfe5b719fd9d433a6355edef209

SHA512

27c15dbfabf4395aaaaed9724e97cd10b773f1089505e1e16bedfcdd449761c2a75426fd8645dd86f4124fe966eec85a4aacd641eaa9ede9d3948c460650de90

Extracted

Family	danabot
Botnet	4
C2	103.175.16.113:443 103.175.16.114:443 103.175.16.113:443 103.175.16.114:443
Attributes	embedded_hash 422236FD601D11EE82825A484D26DD6F type loader
rsa_pubkey.plain
rsa_privkey.plain

Target

a5976d1948376946db83e75c050bbbd8ee6debfe5b719fd9d433a6355edef209

MD5

529aa365cda65ab7bfc08d8d7b6dbfd8

Filesize

1MB

Score

10^/10

SHA1

7ca701360a398ac3ff07b5c8923f2693e355b4ca

SHA256

a5976d1948376946db83e75c050bbbd8ee6debfe5b719fd9d433a6355edef209

SHA512

27c15dbfabf4395aaaaed9724e97cd10b773f1089505e1e16bedfcdd449761c2a75426fd8645dd86f4124fe966eec85a4aacd641eaa9ede9d3948c460650de90

Signatures

Danabot
Description

Danabot is a modular banking Trojan that has been linked with other malware.
Tags

trojan banker danabot
Danabot Loader Component
Loads dropped DLL

Related Tasks

behavioral1

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

danabot 4 banker trojan

10^/10

Extracted

Tags

Signatures

Danabot

Description

Tags

Danabot Loader Component

Loads dropped DLL

Related Tasks

static1

behavioral1