danabot | d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9 | Triage

Submit
Reports

Overview

overview

Static

static

d46fdde4c0...e9.exe

windows7_x64

d46fdde4c0...e9.exe

windows10-2004_x64

1

Sharing

General

Target

d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
Size

983KB
Sample

220205-lhn9ysaac4
MD5

2cc2e2d04b19ae5e2ec44a6ad1659032
SHA1

446c7ef75794b80370310566c0a8a4a63492e1d9
SHA256

d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
SHA512

1bd01c404206499d17ca326eded8daf1125df868a82c3e54a4db064b58c73f7a6825845530bff062e58495c83f1d40efc481f970b7b60d0fe36c02a6e5e1ff26

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9.exe

Resource

win7-en-20211208

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

5.61.58.130

2.56.213.39

2.56.212.4

5.61.56.192

rsa_pubkey.plain

Targets

- Target
  
  d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
- Size
  
  983KB
- MD5
  
  2cc2e2d04b19ae5e2ec44a6ad1659032
- SHA1
  
  446c7ef75794b80370310566c0a8a4a63492e1d9
- SHA256
  
  d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
- SHA512
  
  1bd01c404206499d17ca326eded8daf1125df868a82c3e54a4db064b58c73f7a6825845530bff062e58495c83f1d40efc481f970b7b60d0fe36c02a6e5e1ff26
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

© 2018-2024

Terms | Privacy