danabot | 8e3c8d7f6da9cac6214ad72a7978f070e04574168aabfd6c54dd63fec14a4a37 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

8e3c8d7f6da9cac6214ad72a7978f070e04574168aabfd6c54dd63fec14a4a37
Size

1.3MB
Sample

220924-sdg4eacggj
MD5

a366ffd6f4c4ef7de6d79f2140953169
SHA1

34a0a0777e2428686b1d77913473d9658aafc52c
SHA256

8e3c8d7f6da9cac6214ad72a7978f070e04574168aabfd6c54dd63fec14a4a37
SHA512

0d03ddc6c816b0d7639a8006a89220a8f3562b8052b421dd890cf45e82a60bdbfe74f7c80bc53d067f29e205b60b258eab6a6202a49d53531df242ff58423ec1
SSDEEP

24576:Org/WJLIv0ifqK+g1wrHq2dNhdV7j7XalPL9davWZxkBEngzBSbvqON7+tBzzs:cgOJsvxCK+g1/2p3fUKvWZxyEgzBCNkh

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

8e3c8d7f6da9cac6214ad72a7978f070e04574168aabfd6c54dd63fec14a4a37.exe

Resource

win10v2004-20220901-en

danabot banker trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  8e3c8d7f6da9cac6214ad72a7978f070e04574168aabfd6c54dd63fec14a4a37
- Size
  
  1.3MB
- MD5
  
  a366ffd6f4c4ef7de6d79f2140953169
- SHA1
  
  34a0a0777e2428686b1d77913473d9658aafc52c
- SHA256
  
  8e3c8d7f6da9cac6214ad72a7978f070e04574168aabfd6c54dd63fec14a4a37
- SHA512
  
  0d03ddc6c816b0d7639a8006a89220a8f3562b8052b421dd890cf45e82a60bdbfe74f7c80bc53d067f29e205b60b258eab6a6202a49d53531df242ff58423ec1
- SSDEEP
  
  24576:Org/WJLIv0ifqK+g1wrHq2dNhdV7j7XalPL9davWZxkBEngzBSbvqON7+tBzzs:cgOJsvxCK+g1/2p3fUKvWZxyEgzBCNkh
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy