danabot | dcebc2afe81190515a12f8e775cce9a65f1ffd75a596236016ae34452cb6b81e | Triage

Submit
Reports

Overview

overview

Static

static

dcebc2afe8...1e.exe

windows7_x64

dcebc2afe8...1e.exe

windows10-2004_x64

Sharing

General

Target

dcebc2afe81190515a12f8e775cce9a65f1ffd75a596236016ae34452cb6b81e
Size

579KB
Sample

220625-jmrjrsbgfm
MD5

a8262d370c97e29bbadafc1bf1e9a8d8
SHA1

9e17405cc78961b0a694721214527c6a994240c4
SHA256

dcebc2afe81190515a12f8e775cce9a65f1ffd75a596236016ae34452cb6b81e
SHA512

7f60ba689d5dbfaa18b831fc40156961a13bb63b4028bafacebf2c05ab44c3630df0fc93f0e33b383355d2b27b36511587e98a5169cf6089830c4b20bb56bd8b

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

dcebc2afe81190515a12f8e775cce9a65f1ffd75a596236016ae34452cb6b81e.exe

Resource

win7-20220414-en

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dcebc2afe81190515a12f8e775cce9a65f1ffd75a596236016ae34452cb6b81e.exe

Resource

win10v2004-20220414-en

danabot banker botnet trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

5.61.56.192

5.61.58.130

2.56.212.4

37.149.137.207

160.201.198.109

61.8.211.106

12.37.246.239

93.24.204.214

194.27.196.221

2.56.213.39

rsa_pubkey.plain

Targets

- Target
  
  dcebc2afe81190515a12f8e775cce9a65f1ffd75a596236016ae34452cb6b81e
- Size
  
  579KB
- MD5
  
  a8262d370c97e29bbadafc1bf1e9a8d8
- SHA1
  
  9e17405cc78961b0a694721214527c6a994240c4
- SHA256
  
  dcebc2afe81190515a12f8e775cce9a65f1ffd75a596236016ae34452cb6b81e
- SHA512
  
  7f60ba689d5dbfaa18b831fc40156961a13bb63b4028bafacebf2c05ab44c3630df0fc93f0e33b383355d2b27b36511587e98a5169cf6089830c4b20bb56bd8b
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy