Resubmissions

03-05-2022 13:04

220503-qbdbbshfdk 8

25-04-2022 15:50

220425-s9x5haggej 8

General

  • Target

    201715e350439f6d19ce61769e5bb8d5.exe

  • Size

    1.0MB

  • Sample

    220503-qbdbbshfdk

  • MD5

    201715e350439f6d19ce61769e5bb8d5

  • SHA1

    38f5365dfe6d9d31d75b5637ddcbdb8db8cb35c6

  • SHA256

    35bb9fb5b4801c32caa7c9b1d178f6a11d88cf849394333d450d9fc36dac0c1f

  • SHA512

    32eaa99506f68b8a9f814f795fc0f10fa426ff91f10cb0ea3ae5684a5b468fcf066bc05c3b1146f649e310813d0a32e4d1b6d86ac761ca07914ab3c14e2a8c72

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

6

C2

192.236.160.249:443

104.168.234.51:443

23.254.161.215:443

192.236.147.212:443

Attributes
  • embedded_hash

    A471231BC0846BE9EFCDD39DCBA967C5

  • type

    loader

Extracted

Family

danabot

Attributes
  • type

    loader

Targets

    • Target

      201715e350439f6d19ce61769e5bb8d5.exe

    • Size

      1.0MB

    • MD5

      201715e350439f6d19ce61769e5bb8d5

    • SHA1

      38f5365dfe6d9d31d75b5637ddcbdb8db8cb35c6

    • SHA256

      35bb9fb5b4801c32caa7c9b1d178f6a11d88cf849394333d450d9fc36dac0c1f

    • SHA512

      32eaa99506f68b8a9f814f795fc0f10fa426ff91f10cb0ea3ae5684a5b468fcf066bc05c3b1146f649e310813d0a32e4d1b6d86ac761ca07914ab3c14e2a8c72

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks