danabot | 972ecf3e9716320d65fb7160c8b34a664f4d3a6df3299cd4d3fd443c7c1b2d0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

972ecf3e9716320d65fb7160c8b34a664f4d3a6df3299cd4d3fd443c7c1b2d0a
Size

2.4MB
Sample

220909-d96pbaddhk
MD5

02e5c66336826f7641c9627b5dfab1d3
SHA1

b1083b815f760d7043ef6a27dec2edf1ad9f3861
SHA256

972ecf3e9716320d65fb7160c8b34a664f4d3a6df3299cd4d3fd443c7c1b2d0a
SHA512

615b5eb16018b147954568ffa1c8a0c65b8e2e9994ce61e4033b70c78f50904226da679abf8874861d585488ca5ce28dd9ca80cdb001efa91be12ac63695226a
SSDEEP

49152:BF61u8ceA7IGlRqC35+i7+Bo9J59Flge9y9nYgrDbF18KMO:BF64neSlRhJ+iSBo74e9y9brDI

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

153.92.223.225:443

198.15.112.179:443

185.62.56.245:443

66.85.147.23:443

Attributes

embedded_hash
61A1CB063216C13FFD2E15D7F3F515E2
type
loader

Targets

- Target
  
  972ecf3e9716320d65fb7160c8b34a664f4d3a6df3299cd4d3fd443c7c1b2d0a
- Size
  
  2.4MB
- MD5
  
  02e5c66336826f7641c9627b5dfab1d3
- SHA1
  
  b1083b815f760d7043ef6a27dec2edf1ad9f3861
- SHA256
  
  972ecf3e9716320d65fb7160c8b34a664f4d3a6df3299cd4d3fd443c7c1b2d0a
- SHA512
  
  615b5eb16018b147954568ffa1c8a0c65b8e2e9994ce61e4033b70c78f50904226da679abf8874861d585488ca5ce28dd9ca80cdb001efa91be12ac63695226a
- SSDEEP
  
  49152:BF61u8ceA7IGlRqC35+i7+Bo9J59Flge9y9nYgrDbF18KMO:BF64neSlRhJ+iSBo74e9y9brDI
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan