General

  • Target

    ddecbfa055a61ad95be51871c8a311d2d17664818451b29c416fb6300232cee5

  • Size

    1.9MB

  • Sample

    220916-zvdwmsgfc2

  • MD5

    b1a6159122e711843f001c2e366c02f0

  • SHA1

    001cfe474aba913e315806e830a923a3be13d3b4

  • SHA256

    ddecbfa055a61ad95be51871c8a311d2d17664818451b29c416fb6300232cee5

  • SHA512

    b19e1bd2af815928a1f98efebb179dc2a7a148d213dd33fb730787e02955095d937fb84d9a057f7c0aae97e4a25390cf62e578d862bff55ea397ad3639ca8e90

  • SSDEEP

    49152:txeZ5h5DsOhkQQ1GBGVysDcD4+nFoqEsbKhW:txA5JsKG0sD444+q3

Score
10/10

Malware Config

Extracted

Family

danabot

C2

103.144.139.228:443

213.227.154.98:443

66.85.147.23:443

153.92.223.225:443

Attributes
  • embedded_hash

    A64A3A6ED13022027B84C77D31BE0C74

  • type

    loader

Targets

    • Target

      ddecbfa055a61ad95be51871c8a311d2d17664818451b29c416fb6300232cee5

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Blocklisted process makes network request

    • Loads dropped DLL
