danabot | 72cb26ac08fa4ba35112a093b506eb97f730537f9a011a20ad8049d4da6fcb77 | Triage

Resubmissions

03-05-2022 13:05

220503-qbj4wafba7 8

20-04-2022 06:43

220420-hgxcdshgam 8

Sharing

General

Target

8fba92e7730c734197c8e5977533df77.exe
Size

975KB
Sample

220503-qbj4wafba7
MD5

8fba92e7730c734197c8e5977533df77
SHA1

8106d808d0199d230b5943f15b1d85d05334d3ea
SHA256

72cb26ac08fa4ba35112a093b506eb97f730537f9a011a20ad8049d4da6fcb77
SHA512

ab1e7246e219b63b65082de10be4f6880bee0e1b04a50722bb7a1b8cfa81853a5793f581decfc43b5f1cf02d01fdd4fa3bc047cbc28afc0f37f6f87b75b397bb

Score

10^/10

danabot 7 banker trojan

Malware Config

Extracted

Family

danabot

Attributes

type
loader

Extracted

Family

danabot

Botnet

7

C2

192.236.176.108:443

23.254.209.218:443

Attributes

embedded_hash
7E121872EDA1FC9ABB4099F6D6AE1D49
type
loader

Targets

- Target
  
  8fba92e7730c734197c8e5977533df77.exe
- Size
  
  975KB
- MD5
  
  8fba92e7730c734197c8e5977533df77
- SHA1
  
  8106d808d0199d230b5943f15b1d85d05334d3ea
- SHA256
  
  72cb26ac08fa4ba35112a093b506eb97f730537f9a011a20ad8049d4da6fcb77
- SHA512
  
  ab1e7246e219b63b65082de10be4f6880bee0e1b04a50722bb7a1b8cfa81853a5793f581decfc43b5f1cf02d01fdd4fa3bc047cbc28afc0f37f6f87b75b397bb
Score

10^/10

danabot 7 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot7bankertrojan

behavioral2

danabot7bankertrojan