danabot | 2c8b2cd601e90b5d7cb1d38e4915ac1769886fbcd3d7d1ecc01da58a83907992 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

2c8b2cd601e90b5d7cb1d38e4915ac1769886fbcd3d7d1ecc01da58a83907992
Size

1.3MB
Sample

220924-qyjfvsbcf9
MD5

0807b260ced82b4814c32ffd3d86ac7f
SHA1

98bace823ddb62f26882e5729d340bb586851b10
SHA256

2c8b2cd601e90b5d7cb1d38e4915ac1769886fbcd3d7d1ecc01da58a83907992
SHA512

1ced0b42c9d2e54e458c854aded3e06de155f384fecd33c0b0ff625fc9a4569deabde808b26621747dff6bcf28f204d7c9a48a9718fe2ed449a8115353fa54f3
SSDEEP

24576:bzrv5HjJsqD1gdhQ6RbajJiWA27s1YEuH8nplYNBqa:7v5HVsq5P6xd2I1YE5Mrqa

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

2c8b2cd601e90b5d7cb1d38e4915ac1769886fbcd3d7d1ecc01da58a83907992.exe

Resource

win10v2004-20220812-en

danabot banker trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

49.0.50.0:57

51.0.52.0:0

53.0.54.0:1200

55.0.56.0:65535

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  2c8b2cd601e90b5d7cb1d38e4915ac1769886fbcd3d7d1ecc01da58a83907992
- Size
  
  1.3MB
- MD5
  
  0807b260ced82b4814c32ffd3d86ac7f
- SHA1
  
  98bace823ddb62f26882e5729d340bb586851b10
- SHA256
  
  2c8b2cd601e90b5d7cb1d38e4915ac1769886fbcd3d7d1ecc01da58a83907992
- SHA512
  
  1ced0b42c9d2e54e458c854aded3e06de155f384fecd33c0b0ff625fc9a4569deabde808b26621747dff6bcf28f204d7c9a48a9718fe2ed449a8115353fa54f3
- SSDEEP
  
  24576:bzrv5HjJsqD1gdhQ6RbajJiWA27s1YEuH8nplYNBqa:7v5HVsq5P6xd2I1YE5Mrqa
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy