danabot | 8b73e5a9e4093166d04fcee33db13db39dacbb6a2bb8282282e1ab9558fddc86 | Triage

Submit
Reports

Overview

overview

Static

static

a07a26961f...43.exe

windows7_x64

a07a26961f...43.exe

windows10-2004_x64

Resubmissions

19-02-2022 18:44

220219-xdz2fachfn 10

31-01-2022 07:14

220131-h2552agegp 10

29-01-2022 08:45

220129-knq53agfcl 10

Sharing

General

Target

a07a26961fcd37fbbbe292225e069243.exe
Size

1.2MB
Sample

220219-xdz2fachfn
MD5

a07a26961fcd37fbbbe292225e069243
SHA1

d4f3c4d7045865e52284544c1957cf3786902404
SHA256

8b73e5a9e4093166d04fcee33db13db39dacbb6a2bb8282282e1ab9558fddc86
SHA512

81fe9aa924055f4a039cd662d4244bbf9a48b6698fbb6bffd891cd59d55a613e67011bcc3ad2420f9d7bf4d2447abdccbf4caff086ab2ae7331e6aa3191fd769

Score

10^/10

danabot 4 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

a07a26961fcd37fbbbe292225e069243.exe

Resource

win7-en-20211208

danabot 4 banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a07a26961fcd37fbbbe292225e069243.exe

Resource

win10v2004-en-20220112

danabot 4 banker trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

Botnet

4

C2

5.253.84.124:443

103.175.16.114:443

193.34.166.107:443

Attributes

embedded_hash
422236FD601D11EE82825A484D26DD6F
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  a07a26961fcd37fbbbe292225e069243.exe
- Size
  
  1.2MB
- MD5
  
  a07a26961fcd37fbbbe292225e069243
- SHA1
  
  d4f3c4d7045865e52284544c1957cf3786902404
- SHA256
  
  8b73e5a9e4093166d04fcee33db13db39dacbb6a2bb8282282e1ab9558fddc86
- SHA512
  
  81fe9aa924055f4a039cd662d4244bbf9a48b6698fbb6bffd891cd59d55a613e67011bcc3ad2420f9d7bf4d2447abdccbf4caff086ab2ae7331e6aa3191fd769
Score

10^/10

danabot 4 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Suspicious use of NtCreateProcessExOtherParentProcess
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabot4bankertrojan

behavioral2

danabot4bankertrojan

© 2018-2024

Terms | Privacy