General

  • Target

    1322ae78c8352abc316a3ec642f8acf7a0187d2796bfd67c53fd64722bdcba6d

  • Size

    1.2MB

  • Sample

    220603-qkkrrsfch6

  • MD5

    7ef8cd0a29c3dfa39a5a98cf7c086ae9

  • SHA1

    b6f558f6460c3fdd0029860e38a08eee31941c01

  • SHA256

    1322ae78c8352abc316a3ec642f8acf7a0187d2796bfd67c53fd64722bdcba6d

  • SHA512

    d8a8d6fc34003d726ccd16bc1dabde97d63bcb32d5714478b08c98d6237fa06cffeb79ce9c51c1e11e6a00e96fa0a6df90ced26f6e51a3ff70626d0f67704483

Score
10/10

Malware Config

Extracted

Family

danabot

C2

rsa_pubkey.plain

Targets

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks