danabot | aaae59b366dc5b5e8d235e5d648d88a72f7b85f2f2aceae6a343c95aec5247b8 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

aaae59b366dc5b5e8d235e5d648d88a72f7b85f2f2aceae6a343c95aec5247b8
Size

1.3MB
Sample

220924-wyr1wsbgb9
MD5

1df53e1aa831aabf9fc4ef4f7bf46b4f
SHA1

905b118dfb89c9cbb2f1d0256eb1233020fd1b05
SHA256

aaae59b366dc5b5e8d235e5d648d88a72f7b85f2f2aceae6a343c95aec5247b8
SHA512

1298ad0f058a25bc591b98ab7d1aeeeb9765ed0421232d2758af71f1d98131eca5e642dee03190b19c75904221c03c169cf8bdbf3e6a4d2e05859d81d2ce4d25
SSDEEP

24576:cxEOxlfvI13/4WojfgPIb27YglkeKIB87GJAlX5ucEB7ZMPC4pu8O7zN:f2l4JxeIQb2ca86ufbEB7ZM6Cu17

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

aaae59b366dc5b5e8d235e5d648d88a72f7b85f2f2aceae6a343c95aec5247b8.exe

Resource

win10v2004-20220812-en

danabot banker trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  aaae59b366dc5b5e8d235e5d648d88a72f7b85f2f2aceae6a343c95aec5247b8
- Size
  
  1.3MB
- MD5
  
  1df53e1aa831aabf9fc4ef4f7bf46b4f
- SHA1
  
  905b118dfb89c9cbb2f1d0256eb1233020fd1b05
- SHA256
  
  aaae59b366dc5b5e8d235e5d648d88a72f7b85f2f2aceae6a343c95aec5247b8
- SHA512
  
  1298ad0f058a25bc591b98ab7d1aeeeb9765ed0421232d2758af71f1d98131eca5e642dee03190b19c75904221c03c169cf8bdbf3e6a4d2e05859d81d2ce4d25
- SSDEEP
  
  24576:cxEOxlfvI13/4WojfgPIb27YglkeKIB87GJAlX5ucEB7ZMPC4pu8O7zN:f2l4JxeIQb2ca86ufbEB7ZM6Cu17
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy