danabot | f93628943add0691bc80e1db3cee114133ef839e820f50448b3082c46113cb6d | Triage

Resubmissions

03-05-2022 12:57

220503-p7a1eaheaj 8

21-04-2022 08:13

220421-j4eljaacfn 8

Sharing

General

Target

ae6a68f651c30d7c6c914114fa14aa0b.exe
Size

967KB
Sample

220503-p7a1eaheaj
MD5

ae6a68f651c30d7c6c914114fa14aa0b
SHA1

21eeaeb2061461f7bdd20f02542c18cc4ea75baa
SHA256

f93628943add0691bc80e1db3cee114133ef839e820f50448b3082c46113cb6d
SHA512

e06c62be260746076290d404f90e797d340db014b250d1c78bf05fc33fd469e051d9092df59f7668673cdd7a6a7df47ab5977b241b66da3ad20528c6266ddef9

Score

10^/10

danabot 7 banker trojan

Malware Config

Extracted

Family

danabot

Attributes

type
loader

Extracted

Family

danabot

Botnet

7

C2

192.236.176.108:443

23.254.209.218:443

Attributes

embedded_hash
FF16DCD8834CB7E04B2EEB3200331F40
type
loader

Targets

- Target
  
  ae6a68f651c30d7c6c914114fa14aa0b.exe
- Size
  
  967KB
- MD5
  
  ae6a68f651c30d7c6c914114fa14aa0b
- SHA1
  
  21eeaeb2061461f7bdd20f02542c18cc4ea75baa
- SHA256
  
  f93628943add0691bc80e1db3cee114133ef839e820f50448b3082c46113cb6d
- SHA512
  
  e06c62be260746076290d404f90e797d340db014b250d1c78bf05fc33fd469e051d9092df59f7668673cdd7a6a7df47ab5977b241b66da3ad20528c6266ddef9
Score

10^/10

danabot 7 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot7bankertrojan

behavioral2

danabotbankertrojan