danabot | 2e8691f7ff5bad0085f774087ebac60d90d17b2bf50324e9311f1a3d6ed0dcb6 | Triage

Sharing

General

Target

2e8691f7ff5bad0085f774087ebac60d90d17b2bf50324e9311f1a3d6ed0dcb6
Size

1.9MB
Sample

220918-tm6c2afdar
MD5

62347da244f5978d9583288fc583f70d
SHA1

7b7f348debfd450f2c0f886bd97ade665b932441
SHA256

2e8691f7ff5bad0085f774087ebac60d90d17b2bf50324e9311f1a3d6ed0dcb6
SHA512

db05ac3a3b08ddf25d6d0bc9b28e97d829a6251253c3a430d82d97a12255549bccaf6c1602d4729afc53dbe01cd982ba20216931511740e32d489434adcd0e10
SSDEEP

49152:RUZA7Y3nP7boLvLjHLnUARB+bULaGGqh4BUywgNp8ScpJT:R6tP7wjDLbwB5qh4Fwgb8S0h

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

103.144.139.228:443

213.227.154.98:443

66.85.147.23:443

153.92.223.225:443

Attributes

embedded_hash
A64A3A6ED13022027B84C77D31BE0C74
type
loader

Targets

- Target
  
  2e8691f7ff5bad0085f774087ebac60d90d17b2bf50324e9311f1a3d6ed0dcb6
- Size
  
  1.9MB
- MD5
  
  62347da244f5978d9583288fc583f70d
- SHA1
  
  7b7f348debfd450f2c0f886bd97ade665b932441
- SHA256
  
  2e8691f7ff5bad0085f774087ebac60d90d17b2bf50324e9311f1a3d6ed0dcb6
- SHA512
  
  db05ac3a3b08ddf25d6d0bc9b28e97d829a6251253c3a430d82d97a12255549bccaf6c1602d4729afc53dbe01cd982ba20216931511740e32d489434adcd0e10
- SSDEEP
  
  49152:RUZA7Y3nP7boLvLjHLnUARB+bULaGGqh4BUywgNp8ScpJT:R6tP7wjDLbwB5qh4Fwgb8S0h
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan