d57c5f0618d68902c6b7e8fa7b888641.exe

General
Target

d57c5f0618d68902c6b7e8fa7b888641.exe

Size

1MB

Sample

220113-syn3fsbcbk

Score
10/10
MD5

d57c5f0618d68902c6b7e8fa7b888641

SHA1

06693ad79544d8f5172d48a938ba949499ba6c60

SHA256

eb5966c02b728346e88e69ac3f63da4ec863a3e0d0754937c0f56799d3718d3d

SHA512

f48c04fad244d0c6d8a6a6d4ca5ae196184f43c18ac981a59101269bf2d8eb0834ad5b0138897c002bf507b0b8e3870afcc92d659035c40f7c246f524a6e9e6d

Malware Config

Extracted

Family danabot
Botnet 4
C2

103.175.16.113:443

103.175.16.114:443

Attributes
embedded_hash 422236FD601D11EE82825A484D26DD6F
type loader
rsa_pubkey.plain
rsa_privkey.plain
Targets

Signatures

  • Danabot

    Description

    Danabot is a modular banking Trojan that has been linked with other malware.

  • Danabot Loader Component

  • Loads dropped DLL

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

behavioral1

10/10

behavioral2

10/10