danabot | a4bdaf60196affc07e89127ecdbc98f15b407b4277dafe376a81970302ec65cf | Triage

Sharing

General

Target

a4bdaf60196affc07e89127ecdbc98f15b407b4277dafe376a81970302ec65cf
Size

1.9MB
Sample

220918-paj7tafbcm
MD5

46eb816e57c33cae88df6608d851ade8
SHA1

94d7db710fb0afe66654880a5ebe7e59683aea44
SHA256

a4bdaf60196affc07e89127ecdbc98f15b407b4277dafe376a81970302ec65cf
SHA512

f1833b1b02e4a00bc7b93bb8e20c2835968ce287853448e8f98c97477fd9bae0a498e9dcbca06f66bbe0a1b385284c147dbd1be21e2fe2f1214da33cb94c5c49
SSDEEP

49152:uolsDCwMKZrQUcSm75WhnOPUWETYTPzx/QY2CiMKcC:uoaoSUUcWOPsTYTPzx/QY2vcC

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

103.144.139.228:443

213.227.154.98:443

66.85.147.23:443

153.92.223.225:443

Attributes

embedded_hash
A64A3A6ED13022027B84C77D31BE0C74
type
loader

Targets

- Target
  
  a4bdaf60196affc07e89127ecdbc98f15b407b4277dafe376a81970302ec65cf
- Size
  
  1.9MB
- MD5
  
  46eb816e57c33cae88df6608d851ade8
- SHA1
  
  94d7db710fb0afe66654880a5ebe7e59683aea44
- SHA256
  
  a4bdaf60196affc07e89127ecdbc98f15b407b4277dafe376a81970302ec65cf
- SHA512
  
  f1833b1b02e4a00bc7b93bb8e20c2835968ce287853448e8f98c97477fd9bae0a498e9dcbca06f66bbe0a1b385284c147dbd1be21e2fe2f1214da33cb94c5c49
- SSDEEP
  
  49152:uolsDCwMKZrQUcSm75WhnOPUWETYTPzx/QY2CiMKcC:uoaoSUUcWOPsTYTPzx/QY2vcC
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan