danabot | e5b9ace672dd8021ba842d3c3db19d08499730632902910c8f74fc884513e51b | Triage

Sharing

General

Target

e5b9ace672dd8021ba842d3c3db19d08499730632902910c8f74fc884513e51b
Size

1.3MB
Sample

220925-g3wsbadef7
MD5

a492ac51eb8bb67946e1f1bc6b0a20ee
SHA1

c7095e4482bf5e6afc069611f4ca01d60ac304b7
SHA256

e5b9ace672dd8021ba842d3c3db19d08499730632902910c8f74fc884513e51b
SHA512

48f51f3541e4d514694c36ffb209328dc35fa4a460fae76b3353e8758267eb41cd313913c1509b5edd57eb00619ebd3fdf34d0ee39dc2c39d93761c480d37dda
SSDEEP

24576:f4CSrOYnYWb9G3DlxmugDzsL9fq2fAU0++9OGD5cLGZqzMQ6K59E:o6qb9gDlcug3M9tB0Ow5cLG/n4

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  e5b9ace672dd8021ba842d3c3db19d08499730632902910c8f74fc884513e51b
- Size
  
  1.3MB
- MD5
  
  a492ac51eb8bb67946e1f1bc6b0a20ee
- SHA1
  
  c7095e4482bf5e6afc069611f4ca01d60ac304b7
- SHA256
  
  e5b9ace672dd8021ba842d3c3db19d08499730632902910c8f74fc884513e51b
- SHA512
  
  48f51f3541e4d514694c36ffb209328dc35fa4a460fae76b3353e8758267eb41cd313913c1509b5edd57eb00619ebd3fdf34d0ee39dc2c39d93761c480d37dda
- SSDEEP
  
  24576:f4CSrOYnYWb9G3DlxmugDzsL9fq2fAU0++9OGD5cLGZqzMQ6K59E:o6qb9gDlcug3M9tB0Ow5cLG/n4
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan