danabot | ba060accb7e8c43b290f35cfd229954de469309d5f289c9ba5f60a95510c914d | Triage

Submit
Reports

Overview

overview

Static

static

ba060accb7...4d.exe

windows7_x64

ba060accb7...4d.exe

windows10-2004_x64

Sharing

General

Target

ba060accb7e8c43b290f35cfd229954de469309d5f289c9ba5f60a95510c914d
Size

984KB
Sample

220226-hmwcaabagq
MD5

fd3287f724b6bfd5b925a3d2f65b4cf4
SHA1

99e1408bb8d8112080db19827e59dea833aae886
SHA256

ba060accb7e8c43b290f35cfd229954de469309d5f289c9ba5f60a95510c914d
SHA512

89e2c9d636023320b8358eddcaf11244afd0f18a1c85d528bce2ebbe39d1aec40809b58778a55cf32458350d7531be12bfec744ced09092536abee4e61b3fee8

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

ba060accb7e8c43b290f35cfd229954de469309d5f289c9ba5f60a95510c914d.exe

Resource

win7-20220223-en

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ba060accb7e8c43b290f35cfd229954de469309d5f289c9ba5f60a95510c914d.exe

Resource

win10v2004-en-20220113

danabot banker botnet trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

5.61.58.130

2.56.213.39

2.56.212.4

5.61.56.192

rsa_pubkey.plain

Targets

- Target
  
  ba060accb7e8c43b290f35cfd229954de469309d5f289c9ba5f60a95510c914d
- Size
  
  984KB
- MD5
  
  fd3287f724b6bfd5b925a3d2f65b4cf4
- SHA1
  
  99e1408bb8d8112080db19827e59dea833aae886
- SHA256
  
  ba060accb7e8c43b290f35cfd229954de469309d5f289c9ba5f60a95510c914d
- SHA512
  
  89e2c9d636023320b8358eddcaf11244afd0f18a1c85d528bce2ebbe39d1aec40809b58778a55cf32458350d7531be12bfec744ced09092536abee4e61b3fee8
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Suspicious use of NtCreateProcessExOtherParentProcess
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy