danabot | 2cff87ee47517f962917b1b8fb25a6459ea6855cbc33c2869915838b7b110e0f | Triage

Sharing

General

Target

2cff87ee47517f962917b1b8fb25a6459ea6855cbc33c2869915838b7b110e0f
Size

1.3MB
Sample

220925-3clejsgdh6
MD5

73f8fd588dfd4ae48606a1cd406c45dd
SHA1

f8420b6fb371ef5485dede0f4a76665a7433521a
SHA256

2cff87ee47517f962917b1b8fb25a6459ea6855cbc33c2869915838b7b110e0f
SHA512

4494207a0477264267ac0f33ae23f53a3bd54105f79f8d8f686fe92a909435242deb7d57bd8e28e2f49e15426c8060e8e6831275ee95146d49970fa87bfe819c
SSDEEP

24576:CU4bgCRI9S8vQDezhA1h8gWWg7HdIQLppSVANrhfD+Cqf6lL/5FPW0C:Y3I91Qqz08gzghIQb4ANhD+sC0

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  2cff87ee47517f962917b1b8fb25a6459ea6855cbc33c2869915838b7b110e0f
- Size
  
  1.3MB
- MD5
  
  73f8fd588dfd4ae48606a1cd406c45dd
- SHA1
  
  f8420b6fb371ef5485dede0f4a76665a7433521a
- SHA256
  
  2cff87ee47517f962917b1b8fb25a6459ea6855cbc33c2869915838b7b110e0f
- SHA512
  
  4494207a0477264267ac0f33ae23f53a3bd54105f79f8d8f686fe92a909435242deb7d57bd8e28e2f49e15426c8060e8e6831275ee95146d49970fa87bfe819c
- SSDEEP
  
  24576:CU4bgCRI9S8vQDezhA1h8gWWg7HdIQLppSVANrhfD+Cqf6lL/5FPW0C:Y3I91Qqz08gzghIQb4ANhD+sC0
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan