Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f

  • Size

    1MB

  • Sample

    220923-g9lwpaddb7

  • MD5

    10b0c3dfacb99f9f2ca02f9df4bc96db

  • SHA1

    13a48798517d9b28961d49bf67f5764b46ca14b7

  • SHA256

    1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f

  • SHA512

    b4fc3b20a9f14c777b8d69ca65d02052a13d45a3ee42fc733bdaa299339ce9c4316534b303ce413a8f43efde7d11213067991b3f969c30fefdd884f571e0cb9f

  • SSDEEP

    24576:4ZR6p8qpPtW8oUTsfTmgxwmZMeawbzJ/Brl7NWZlPq:pyw1UU4fTXxdmezJ

Score
10/10
danabotbankertrojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes
  • embedded_hash

    6618C163D57D6441FCCA65D86C4D380D

  • type

    loader

Targets

    • Target

      1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f

    • Size

      1MB

    • MD5

      10b0c3dfacb99f9f2ca02f9df4bc96db

    • SHA1

      13a48798517d9b28961d49bf67f5764b46ca14b7

    • SHA256

      1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f

    • SHA512

      b4fc3b20a9f14c777b8d69ca65d02052a13d45a3ee42fc733bdaa299339ce9c4316534b303ce413a8f43efde7d11213067991b3f969c30fefdd884f571e0cb9f

    • SSDEEP

      24576:4ZR6p8qpPtW8oUTsfTmgxwmZMeawbzJ/Brl7NWZlPq:pyw1UU4fTXxdmezJ

    Score
    10/10
    danabotbankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot
    behavioral1

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Discovery

            Execution

              Exfiltration

                Impact

                  Initial Access

                    Lateral Movement

                      Persistence

                        Privilege Escalation

                          Tasks