danabot | 90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97 | Triage

Submit
Reports

Overview

overview

Static

static

90ee20a62b...97.exe

windows7_x64

90ee20a62b...97.exe

windows10-2004_x64

Sharing

General

Target

90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97
Size

2.6MB
Sample

220524-s7wtnagde7
MD5

95e5ade6dc73995c3aead518331fc6d1
SHA1

99f3f68704a6c2c5e5cdda3eeff3122fc78a2ae4
SHA256

90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97
SHA512

8d56b8152740684f508629b644cc133a99e84e24cafa00b1a81ab91f6cbcba587022cca3323ce7739b65284c38c534822b974ab0330ab50d9a682b509e5942e3

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97.exe

Resource

win7-20220414-en

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97.exe

Resource

win10v2004-20220414-en

danabot banker botnet trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

51.178.195.151

51.222.39.81

149.255.35.125

38.68.50.179

51.77.7.204

rsa_pubkey.plain

Targets

- Target
  
  90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97
- Size
  
  2.6MB
- MD5
  
  95e5ade6dc73995c3aead518331fc6d1
- SHA1
  
  99f3f68704a6c2c5e5cdda3eeff3122fc78a2ae4
- SHA256
  
  90ee20a62bdeebc3dd489ed275e9b8da56638bf19e44bed8c43e7e4bc9e12f97
- SHA512
  
  8d56b8152740684f508629b644cc133a99e84e24cafa00b1a81ab91f6cbcba587022cca3323ce7739b65284c38c534822b974ab0330ab50d9a682b509e5942e3
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy