danabot | ea315e9e65af9d1d95ac0636abde389107bb131f99e9eeac2dd16821be1ba888 | Triage

Resubmissions

03-05-2022 13:27

220503-qp34xaabfj 8

26-04-2022 04:40

220426-fajfvabab3 8

Sharing

General

Target

341d69cf4f5d9be493ebe9913f4150cf.exe
Size

1.1MB
Sample

220503-qp34xaabfj
MD5

341d69cf4f5d9be493ebe9913f4150cf
SHA1

b043c610bf6b1fea68701910870d439501d8f832
SHA256

ea315e9e65af9d1d95ac0636abde389107bb131f99e9eeac2dd16821be1ba888
SHA512

50534e155760d2dde64e0737f90b63d35c1b0e3136007476d9e62b8eaf0bfb42225a57dc340c12e45a7346cdf56a857e403b4230d561b32991f1155f4d8294ab

Score

10^/10

danabot 7 banker trojan

Malware Config

Extracted

Family

danabot

Attributes

type
loader

Extracted

Family

danabot

Botnet

7

C2

192.236.176.108:443

23.254.209.218:443

Attributes

embedded_hash
F05AD7842A54466C7E7FBCE36DCCAB8C
type
loader

Targets

- Target
  
  341d69cf4f5d9be493ebe9913f4150cf.exe
- Size
  
  1.1MB
- MD5
  
  341d69cf4f5d9be493ebe9913f4150cf
- SHA1
  
  b043c610bf6b1fea68701910870d439501d8f832
- SHA256
  
  ea315e9e65af9d1d95ac0636abde389107bb131f99e9eeac2dd16821be1ba888
- SHA512
  
  50534e155760d2dde64e0737f90b63d35c1b0e3136007476d9e62b8eaf0bfb42225a57dc340c12e45a7346cdf56a857e403b4230d561b32991f1155f4d8294ab
Score

10^/10

danabot 7 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot7bankertrojan

behavioral2

danabot7bankertrojan