danabot | ed9808b275685f47523546b63fa36c06e561f5a293b21d1b2556291bffd613b5 | Triage

Submit
Reports

Overview

overview

Static

static

ed9808b275...b5.dll

windows7_x64

ed9808b275...b5.dll

windows10-2004_x64

8

Sharing

General

Target

ed9808b275685f47523546b63fa36c06e561f5a293b21d1b2556291bffd613b5
Size

512KB
Sample

220524-3h3wsabfg4
MD5

1d574658c5cc61b7af60cbf0c68aa4d6
SHA1

2031580640fc9d9e0d300b4ea3db84ba2e6d4134
SHA256

ed9808b275685f47523546b63fa36c06e561f5a293b21d1b2556291bffd613b5
SHA512

82327b4ab9b39ae329bbff65e8b054dbfb25f7a9f7f76099417be8b5b763877d684a6d6f76f97b32e4b99c50688c78de8928f1b11bc4d3f90a1c8b07355959f9

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

ed9808b275685f47523546b63fa36c06e561f5a293b21d1b2556291bffd613b5.dll

Resource

win7-20220414-en

danabot banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ed9808b275685f47523546b63fa36c06e561f5a293b21d1b2556291bffd613b5.dll

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

151.226.22.14

63.187.160.173

251.50.193.46

192.71.249.51

219.106.246.140

77.181.77.51

89.144.25.104

117.213.145.115

157.245.213.51

242.221.253.4

rsa_pubkey.plain

Targets

- Target
  
  ed9808b275685f47523546b63fa36c06e561f5a293b21d1b2556291bffd613b5
- Size
  
  512KB
- MD5
  
  1d574658c5cc61b7af60cbf0c68aa4d6
- SHA1
  
  2031580640fc9d9e0d300b4ea3db84ba2e6d4134
- SHA256
  
  ed9808b275685f47523546b63fa36c06e561f5a293b21d1b2556291bffd613b5
- SHA512
  
  82327b4ab9b39ae329bbff65e8b054dbfb25f7a9f7f76099417be8b5b763877d684a6d6f76f97b32e4b99c50688c78de8928f1b11bc4d3f90a1c8b07355959f9
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

behavioral2

© 2018-2024

Terms | Privacy