danabot | 10c92b7891831afa7adc4b9e33be8eaff1a11ec4479103a4428b8d2a2c0e8a3e | Triage

Submit
Reports

Overview

overview

Static

static

10c92b7891...3e.dll

windows7_x64

10c92b7891...3e.dll

windows10-2004_x64

8

Sharing

General

Target

10c92b7891831afa7adc4b9e33be8eaff1a11ec4479103a4428b8d2a2c0e8a3e
Size

1.4MB
Sample

220604-ncvwnahcaj
MD5

6a86d3fb1a90c7666e387bd04302fd05
SHA1

a70bdad019bbfd78d6923f601e460a0541a445ad
SHA256

10c92b7891831afa7adc4b9e33be8eaff1a11ec4479103a4428b8d2a2c0e8a3e
SHA512

6a631a41626ff63c1e57d43b3f94b143615eee683d63ed99b06f79609c80f47309ff903d953728bf3237317e8ed6c36a9d5dd4f379bfd58ffd74de4ba41ce553

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

10c92b7891831afa7adc4b9e33be8eaff1a11ec4479103a4428b8d2a2c0e8a3e.dll

Resource

win7-20220414-en

danabot banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

10c92b7891831afa7adc4b9e33be8eaff1a11ec4479103a4428b8d2a2c0e8a3e.dll

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

143.201.228.190

73.99.137.26

66.126.174.168

149.154.159.213

26.12.239.107

122.216.144.4

219.230.54.33

203.208.47.206

113.136.150.189

151.236.14.84

rsa_pubkey.plain

Targets

- Target
  
  10c92b7891831afa7adc4b9e33be8eaff1a11ec4479103a4428b8d2a2c0e8a3e
- Size
  
  1.4MB
- MD5
  
  6a86d3fb1a90c7666e387bd04302fd05
- SHA1
  
  a70bdad019bbfd78d6923f601e460a0541a445ad
- SHA256
  
  10c92b7891831afa7adc4b9e33be8eaff1a11ec4479103a4428b8d2a2c0e8a3e
- SHA512
  
  6a631a41626ff63c1e57d43b3f94b143615eee683d63ed99b06f79609c80f47309ff903d953728bf3237317e8ed6c36a9d5dd4f379bfd58ffd74de4ba41ce553
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

behavioral2

© 2018-2024

Terms | Privacy