danabot | e14b5e3e0e463d43cc28fc76ef2c26b1ea0baecabfb2467241bd14d937ec4edd | Triage

Submit
Reports

Overview

overview

Static

static

a6b262fd9c...ae.dll

windows7_x64

a6b262fd9c...ae.dll

windows10-2004_x64

8

Sharing

General

Target

a6b262fd9c0632265b09d7a0188c32d0e5042487368467e9e73ac0fbd3b56fae.zip
Size

411KB
Sample

220228-mfpndaeaa8
MD5

1ffe21f4cf1ae1797a30e85988e00cfc
SHA1

f5fa6c576f023e6978eb91e9c31ebdbb41a28ef3
SHA256

e14b5e3e0e463d43cc28fc76ef2c26b1ea0baecabfb2467241bd14d937ec4edd
SHA512

903f058b5ce7fbf880e761b19cf1b7aa3a27781bc02038718d270c729cece026b108c8519908e66ecff3e1cc52870b0c9860359d5d0292b7b6b06ed236b503ad

Score

10^/10

danabot 4 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

a6b262fd9c0632265b09d7a0188c32d0e5042487368467e9e73ac0fbd3b56fae.dll

Resource

win7-20220223-en

danabot 4 banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a6b262fd9c0632265b09d7a0188c32d0e5042487368467e9e73ac0fbd3b56fae.dll

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

Botnet

4

C2

192.119.110.4:443

103.175.16.113:443

Attributes

embedded_hash
422236FD601D11EE82825A484D26DD6F
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  a6b262fd9c0632265b09d7a0188c32d0e5042487368467e9e73ac0fbd3b56fae
- Size
  
  1.3MB
- MD5
  
  69b5df6ca9fb51a4b225f3bf8e872a8e
- SHA1
  
  1d042cd3e47acddb39c98c16c7d669f629e9d159
- SHA256
  
  a6b262fd9c0632265b09d7a0188c32d0e5042487368467e9e73ac0fbd3b56fae
- SHA512
  
  7b6fc2d006e5ad47f5c6b4a7322258db4b28440a2e83eb004d51541c831269a071da14460e91786b36e89d73da1666c07130628b1887e3920ec28ba3d5cee59b
Score

10^/10

danabot 4 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot4bankertrojan

behavioral2

© 2018-2024

Terms | Privacy