danabot | e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f | Triage

Submit
Reports

Overview

overview

Static

static

e730840f8a...8f.vbs

windows7_x64

e730840f8a...8f.vbs

windows10-2004_x64

Sharing

General

Target

e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f
Size

1.3MB
Sample

220420-k52ccsedf3
MD5

9a6daf1dd79a5b780136e3c21acf6a8b
SHA1

8db287888a361391e501cf05f7958c09f75a90c4
SHA256

e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f
SHA512

edf2e1b385541b9a26059f0ca5cb92c67533e75c96d653c67bdb48912aca7b0d65b83680ad94b1c380dc422a55274251c6384079a30dc34c5c7e51cb79a9ebae

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f.vbs

Resource

win7-20220414-en

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f.vbs

Resource

win10v2004-20220414-en

danabot banker botnet trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

1.5.78.29

71.61.197.13

128.43.39.106

68.164.114.181

243.7.235.34

185.92.222.238

192.71.249.51

42.180.72.123

159.159.89.172

135.231.151.187

rsa_pubkey.plain

Targets

- Target
  
  e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f
- Size
  
  1.3MB
- MD5
  
  9a6daf1dd79a5b780136e3c21acf6a8b
- SHA1
  
  8db287888a361391e501cf05f7958c09f75a90c4
- SHA256
  
  e730840f8a1ff98811c5a271bc482802db14c9a8f84641ac91b1ad4e0dba7a8f
- SHA512
  
  edf2e1b385541b9a26059f0ca5cb92c67533e75c96d653c67bdb48912aca7b0d65b83680ad94b1c380dc422a55274251c6384079a30dc34c5c7e51cb79a9ebae
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy