d57c5f0618d68902c6b7e8fa7b888641.exe

Target

Size

1MB

Sample

220113-syn3fsbcbk

Score

10 ^/10

MD5

d57c5f0618d68902c6b7e8fa7b888641

SHA1

06693ad79544d8f5172d48a938ba949499ba6c60

SHA256

eb5966c02b728346e88e69ac3f63da4ec863a3e0d0754937c0f56799d3718d3d

SHA512

f48c04fad244d0c6d8a6a6d4ca5ae196184f43c18ac981a59101269bf2d8eb0834ad5b0138897c002bf507b0b8e3870afcc92d659035c40f7c246f524a6e9e6d

Extracted

Family	danabot
Botnet	4
C2	103.175.16.113:443 103.175.16.114:443 103.175.16.113:443 103.175.16.114:443
Attributes	embedded_hash 422236FD601D11EE82825A484D26DD6F type loader
rsa_pubkey.plain
rsa_privkey.plain

Target

d57c5f0618d68902c6b7e8fa7b888641.exe

MD5

d57c5f0618d68902c6b7e8fa7b888641

Filesize

1MB

Score

10^/10

SHA1

06693ad79544d8f5172d48a938ba949499ba6c60

SHA256

eb5966c02b728346e88e69ac3f63da4ec863a3e0d0754937c0f56799d3718d3d

SHA512

f48c04fad244d0c6d8a6a6d4ca5ae196184f43c18ac981a59101269bf2d8eb0834ad5b0138897c002bf507b0b8e3870afcc92d659035c40f7c246f524a6e9e6d

Signatures

Danabot
Description

Danabot is a modular banking Trojan that has been linked with other malware.
Tags

trojan banker danabot
Danabot Loader Component
Loads dropped DLL

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

danabot 4 banker trojan

10^/10

behavioral2

danabot 4 banker trojan

10^/10

Extracted

Tags

Signatures

Danabot

Description

Tags

Danabot Loader Component

Loads dropped DLL

Related Tasks

static1

behavioral1

behavioral2