danabot | d67555c76020e3eea12e23a97fe127567ef23788a80923b3d10e6d683bcfe9f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d67555c76020e3eea12e23a97fe127567ef23788a80923b3d10e6d683bcfe9f5
Size

1.9MB
Sample

220917-pll6jsdfhr
MD5

c7a6e6c10c0979b5a9af7a5237e1877f
SHA1

e54ff1a5c1000c8b12db3b600b51126a38475185
SHA256

d67555c76020e3eea12e23a97fe127567ef23788a80923b3d10e6d683bcfe9f5
SHA512

f2b8325828c8fe529fc449d4821fb952541d4819f828df036bb77603ad1044e3775f49be43abaf908fd62794db8c9fc57f7ddb1839e2d51457271e1ddfacaa8c
SSDEEP

49152:Md93fLdTIWvEAfMeMdgSx2UUnMo8Nhz2mzb1f:Md9vhTnc1r32U8M1ci1f

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

103.144.139.228:443

213.227.154.98:443

66.85.147.23:443

153.92.223.225:443

Attributes

embedded_hash
A64A3A6ED13022027B84C77D31BE0C74
type
loader

Targets

- Target
  
  d67555c76020e3eea12e23a97fe127567ef23788a80923b3d10e6d683bcfe9f5
- Size
  
  1.9MB
- MD5
  
  c7a6e6c10c0979b5a9af7a5237e1877f
- SHA1
  
  e54ff1a5c1000c8b12db3b600b51126a38475185
- SHA256
  
  d67555c76020e3eea12e23a97fe127567ef23788a80923b3d10e6d683bcfe9f5
- SHA512
  
  f2b8325828c8fe529fc449d4821fb952541d4819f828df036bb77603ad1044e3775f49be43abaf908fd62794db8c9fc57f7ddb1839e2d51457271e1ddfacaa8c
- SSDEEP
  
  49152:Md93fLdTIWvEAfMeMdgSx2UUnMo8Nhz2mzb1f:Md9vhTnc1r32U8M1ci1f
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan