danabot | d6fd66880b910ec9531fd9f534c9bea659976f72be7789d5f75e923a12c69048 | Triage

Sharing

General

Target

d6fd66880b910ec9531fd9f534c9bea659976f72be7789d5f75e923a12c69048
Size

1.3MB
Sample

220924-nl9feabbf9
MD5

ce4ad3f233333397580843b56b17eaa4
SHA1

2ec3e070183b26af6dd8afe63d0bebb9e3c8b902
SHA256

d6fd66880b910ec9531fd9f534c9bea659976f72be7789d5f75e923a12c69048
SHA512

06275470139a17f23f4bcd93b06514e71ee40e9ee44ebda5d28b6d6c94af687d29346210cc127b5bec1ec657326fea109afdb6172319393855a4ea352388fb43
SSDEEP

24576:Vs8riw1bDVwgFbotKsDKT0wzLhL7bUJ3a+Jx9/I96TXvSisTOixM1p6juZJo:Le2VVKK30wzlrkK+CMXvH44f6aZ

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  d6fd66880b910ec9531fd9f534c9bea659976f72be7789d5f75e923a12c69048
- Size
  
  1.3MB
- MD5
  
  ce4ad3f233333397580843b56b17eaa4
- SHA1
  
  2ec3e070183b26af6dd8afe63d0bebb9e3c8b902
- SHA256
  
  d6fd66880b910ec9531fd9f534c9bea659976f72be7789d5f75e923a12c69048
- SHA512
  
  06275470139a17f23f4bcd93b06514e71ee40e9ee44ebda5d28b6d6c94af687d29346210cc127b5bec1ec657326fea109afdb6172319393855a4ea352388fb43
- SSDEEP
  
  24576:Vs8riw1bDVwgFbotKsDKT0wzLhL7bUJ3a+Jx9/I96TXvSisTOixM1p6juZJo:Le2VVKK30wzlrkK+CMXvH44f6aZ
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan