danabot | 1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f | Triage

Sharing

General

Target

1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f
Size

1.3MB
Sample

220923-g9lwpaddb7
MD5

10b0c3dfacb99f9f2ca02f9df4bc96db
SHA1

13a48798517d9b28961d49bf67f5764b46ca14b7
SHA256

1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f
SHA512

b4fc3b20a9f14c777b8d69ca65d02052a13d45a3ee42fc733bdaa299339ce9c4316534b303ce413a8f43efde7d11213067991b3f969c30fefdd884f571e0cb9f
SSDEEP

24576:4ZR6p8qpPtW8oUTsfTmgxwmZMeawbzJ/Brl7NWZlPq:pyw1UU4fTXxdmezJ

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f
- Size
  
  1.3MB
- MD5
  
  10b0c3dfacb99f9f2ca02f9df4bc96db
- SHA1
  
  13a48798517d9b28961d49bf67f5764b46ca14b7
- SHA256
  
  1fad233d89ace9b3cb104d99c6d73613e768ff06da482097183880c5c716433f
- SHA512
  
  b4fc3b20a9f14c777b8d69ca65d02052a13d45a3ee42fc733bdaa299339ce9c4316534b303ce413a8f43efde7d11213067991b3f969c30fefdd884f571e0cb9f
- SSDEEP
  
  24576:4ZR6p8qpPtW8oUTsfTmgxwmZMeawbzJ/Brl7NWZlPq:pyw1UU4fTXxdmezJ
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan