danabot | 34fea5456bb0c7351da3e67c7bcc8f58bcb70ac5b7d9d70e1204a5f4556958c4 | Triage

Submit
Reports

Overview

overview

Static

static

34fea5456b...c4.exe

windows7_x64

34fea5456b...c4.exe

windows10-2004_x64

1

Sharing

General

Target

34fea5456bb0c7351da3e67c7bcc8f58bcb70ac5b7d9d70e1204a5f4556958c4
Size

983KB
Sample

220205-vjz8aadec3
MD5

be086e67c5b92065ef4677b3ea38bdb1
SHA1

6cdfb62655d58243fdd4b30dd0c58388946612d8
SHA256

34fea5456bb0c7351da3e67c7bcc8f58bcb70ac5b7d9d70e1204a5f4556958c4
SHA512

eeb123ebe4a545b4ef43ce28b8829e3d8384f88d002e1b6810baf1399e6ac30628ac862c59118000d37905370d618c4af1bef3b3ffea9352af3475c0cf16d7ba

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

34fea5456bb0c7351da3e67c7bcc8f58bcb70ac5b7d9d70e1204a5f4556958c4.exe

Resource

win7-en-20211208

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

34fea5456bb0c7351da3e67c7bcc8f58bcb70ac5b7d9d70e1204a5f4556958c4.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

5.61.58.130

2.56.213.39

2.56.212.4

5.61.56.192

rsa_pubkey.plain

Targets

- Target
  
  34fea5456bb0c7351da3e67c7bcc8f58bcb70ac5b7d9d70e1204a5f4556958c4
- Size
  
  983KB
- MD5
  
  be086e67c5b92065ef4677b3ea38bdb1
- SHA1
  
  6cdfb62655d58243fdd4b30dd0c58388946612d8
- SHA256
  
  34fea5456bb0c7351da3e67c7bcc8f58bcb70ac5b7d9d70e1204a5f4556958c4
- SHA512
  
  eeb123ebe4a545b4ef43ce28b8829e3d8384f88d002e1b6810baf1399e6ac30628ac862c59118000d37905370d618c4af1bef3b3ffea9352af3475c0cf16d7ba
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

© 2018-2024

Terms | Privacy