General

  • Target

    7b7a64e87b2f0a2976ad94c4d9def2b9104f9ef02b8d7ef9d33ab44d2c20a48f

  • Size

    1.8MB

  • Sample

    220915-wcbf1shdfr

  • MD5

    b662d03c37b93830614c032543cac61a

  • SHA1

    0bda9df5ee83eb0e2f51cbba93e729276f0eb30d

  • SHA256

    7b7a64e87b2f0a2976ad94c4d9def2b9104f9ef02b8d7ef9d33ab44d2c20a48f

  • SHA512

    9fac4d43717455d27ae7a15d7f218f8a0ada44aebdd8f5055cdc677ce76b952c42acfaa9cae6057500be9549fedd712ae26ef74431358f33845998b19ef04713

  • SSDEEP

    49152:2/jyjovVNEoo4R++CQ9SgtOAjkgM5S374K+zG:2/Wuy94R++CASgtdjfB8K+zG

Score
10/10

Malware Config

Extracted

Family

danabot

C2

103.144.139.228:443

213.227.154.98:443

66.85.147.23:443

153.92.223.225:443

Attributes
  • embedded_hash

    A64A3A6ED13022027B84C77D31BE0C74

  • type

    loader

Targets

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Loads dropped DLL
