danabot | 864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac | Triage

Submit
Reports

Overview

overview

Static

static

864b7f9f04...ac.exe

windows7_x64

864b7f9f04...ac.exe

windows10-2004_x64

Sharing

General

Target

864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac
Size

453KB
Sample

220701-qhb2vadgcm
MD5

aa0ceac2adff012dc0ba93e1c5bb72ab
SHA1

31ff6c14bf11786d3084cf569669a0af457d1084
SHA256

864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac
SHA512

36200bb05b1dc97b0e6bc17a0add145fa3600f18e701ed568f28c09a19c15e7a4820f37161831450d50ab7be9f232da2fdac5b6f70c069cd0e1003af0570e6e0

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac.exe

Resource

win7-20220414-en

danabot banker botnet trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac.exe

Resource

win10v2004-20220414-en

danabot banker botnet trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

danabot

C2

55.213.39.105

41.170.199.149

192.71.249.51

234.55.93.177

154.247.212.176

160.246.140.43

217.228.238.7

238.44.175.155

180.62.77.191

178.209.51.211

rsa_pubkey.plain

Targets

- Target
  
  864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac
- Size
  
  453KB
- MD5
  
  aa0ceac2adff012dc0ba93e1c5bb72ab
- SHA1
  
  31ff6c14bf11786d3084cf569669a0af457d1084
- SHA256
  
  864b7f9f0446958428151bdffbfeb3ce566a1b82ca87b4abeb8e75e1e36f39ac
- SHA512
  
  36200bb05b1dc97b0e6bc17a0add145fa3600f18e701ed568f28c09a19c15e7a4820f37161831450d50ab7be9f232da2fdac5b6f70c069cd0e1003af0570e6e0
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankerbotnettrojan

behavioral2

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy