danabot | 2915f4d42ecd6891b7b021179b1f5a3e30021513083e965f81fb0026a195f186 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

2915f4d42ecd6891b7b021179b1f5a3e30021513083e965f81fb0026a195f186
Size

248KB
Sample

220913-wdy9gacaap
MD5

df942701dfde65f3efa4077812d7c10b
SHA1

059e2106f023925a0daee47eec73aabcd61fedbc
SHA256

2915f4d42ecd6891b7b021179b1f5a3e30021513083e965f81fb0026a195f186
SHA512

14f26e2783ca96dc6ca072816a81d7ec38fec5f78fa5dafff2428ff0d062c0cf97ab54a76f2b8d577560aa42482ef43d324cfa88de6d6afc1dcd501a08125a95
SSDEEP

6144:z686h7LNl/50Ujn6QzNqgPsNoJ6XhBIh2tN:mx7LP/50Ujn6Q/uoJ6x1

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

2915f4d42ecd6891b7b021179b1f5a3e30021513083e965f81fb0026a195f186.exe

Resource

win10v2004-20220812-en

danabot smokeloader backdoor banker trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

153.92.223.225:443

198.15.112.179:443

185.62.56.245:443

66.85.147.23:443

Attributes

embedded_hash
61A1CB063216C13FFD2E15D7F3F515E2
type
loader

Targets

- Target
  
  2915f4d42ecd6891b7b021179b1f5a3e30021513083e965f81fb0026a195f186
- Size
  
  248KB
- MD5
  
  df942701dfde65f3efa4077812d7c10b
- SHA1
  
  059e2106f023925a0daee47eec73aabcd61fedbc
- SHA256
  
  2915f4d42ecd6891b7b021179b1f5a3e30021513083e965f81fb0026a195f186
- SHA512
  
  14f26e2783ca96dc6ca072816a81d7ec38fec5f78fa5dafff2428ff0d062c0cf97ab54a76f2b8d577560aa42482ef43d324cfa88de6d6afc1dcd501a08125a95
- SSDEEP
  
  6144:z686h7LNl/50Ujn6QzNqgPsNoJ6XhBIh2tN:mx7LP/50Ujn6Q/uoJ6x1
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2025

Terms | Privacy