danabot | c907c9ce0dee0a7a97b5b9f7fec03790a8877ab9626c5b0eee591c76226b76b5 | Triage

Sharing

General

Target

c907c9ce0dee0a7a97b5b9f7fec03790a8877ab9626c5b0eee591c76226b76b5
Size

2.4MB
Sample

220907-s99tascdh7
MD5

0b4d7a738e7e9eae7617eae8ec26eaeb
SHA1

b7194a4f618cb15099411df0179ee17a04dcb79c
SHA256

c907c9ce0dee0a7a97b5b9f7fec03790a8877ab9626c5b0eee591c76226b76b5
SHA512

740c74788fcb02de1c9c0a9531a88975b2360e1cde0ce1b4646b00810fe3ff236242e5b614f7329e8415efbce80f3f942d2d505b4a1d1710f202ccb7dc420cfd
SSDEEP

49152:lGpKw0OwTI4s5uqsmtnE14D/v9s06W76o1pkE+bxqcBt0z0gD8F:lGpKx9TId5uq5Mit36s+bkcBt0zl

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

153.92.223.225:443

198.15.112.179:443

185.62.56.245:443

66.85.147.23:443

Attributes

embedded_hash
61A1CB063216C13FFD2E15D7F3F515E2
type
loader

Targets

- Target
  
  c907c9ce0dee0a7a97b5b9f7fec03790a8877ab9626c5b0eee591c76226b76b5
- Size
  
  2.4MB
- MD5
  
  0b4d7a738e7e9eae7617eae8ec26eaeb
- SHA1
  
  b7194a4f618cb15099411df0179ee17a04dcb79c
- SHA256
  
  c907c9ce0dee0a7a97b5b9f7fec03790a8877ab9626c5b0eee591c76226b76b5
- SHA512
  
  740c74788fcb02de1c9c0a9531a88975b2360e1cde0ce1b4646b00810fe3ff236242e5b614f7329e8415efbce80f3f942d2d505b4a1d1710f202ccb7dc420cfd
- SSDEEP
  
  49152:lGpKw0OwTI4s5uqsmtnE14D/v9s06W76o1pkE+bxqcBt0z0gD8F:lGpKx9TId5uq5Mit36s+bkcBt0zl
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan