danabot | 21a3c12fa181861883c4516221330d255674ae7378a7455bda0dcd3eb164f56e | Triage

Submit
Reports

Overview

overview

Static

static

0x000a0000...62.dll

windows7_x64

0x000a0000...62.dll

windows10-2004_x64

Sharing

General

Target

0x000a000000003c9f-62.dat
Size

1.3MB
Sample

220618-ayvacsgcg9
MD5

6b94162340dd76da03497c034c3a8ac4
SHA1

a7a7e32c62f1d8f2051e4d6932926d497abcc7cf
SHA256

21a3c12fa181861883c4516221330d255674ae7378a7455bda0dcd3eb164f56e
SHA512

9a59786d105fde33de629cd88b2d61c8d5b3baa2ee2a28388fb076ea00c26361e374029819512ea080eaeb044adb2666b66b66e301809e8d6676f41163289f64

Score

10^/10

danabot 4 banker suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

0x000a000000003c9f-62.dll

Resource

win7-20220414-en

danabot 4 banker suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0x000a000000003c9f-62.dll

Resource

win10v2004-20220414-en

danabot 4 banker suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

Botnet

4

C2

142.11.206.50:443

192.236.161.79:443

192.236.146.39:443

37.220.31.27:443

Attributes

embedded_hash
7FF0AA10AB3BA961670646D23EAE3911
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  0x000a000000003c9f-62.dat
- Size
  
  1.3MB
- MD5
  
  6b94162340dd76da03497c034c3a8ac4
- SHA1
  
  a7a7e32c62f1d8f2051e4d6932926d497abcc7cf
- SHA256
  
  21a3c12fa181861883c4516221330d255674ae7378a7455bda0dcd3eb164f56e
- SHA512
  
  9a59786d105fde33de629cd88b2d61c8d5b3baa2ee2a28388fb076ea00c26361e374029819512ea080eaeb044adb2666b66b66e301809e8d6676f41163289f64
Score

10^/10

danabot 4 banker suricata trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- suricata: ET MALWARE Danabot Key Exchange Request
  suricata: ET MALWARE Danabot Key Exchange Request
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot4bankersuricatatrojan

behavioral2

danabot4bankersuricatatrojan

© 2018-2024

Terms | Privacy