danabot | 3287dfa4973f994e01390bfa6ea6980b0ee8ad69b0460948733ea55b0af81466 | Triage

Sharing

General

Target

3287dfa4973f994e01390bfa6ea6980b0ee8ad69b0460948733ea55b0af81466
Size

1.3MB
Sample

220925-nmb7asfgan
MD5

6b10a64fb82848400f9ff6933db648a7
SHA1

97cad5e5bd2e2f6b61fd664dd6a5b93874ee9d1d
SHA256

3287dfa4973f994e01390bfa6ea6980b0ee8ad69b0460948733ea55b0af81466
SHA512

f5f7117272497ce3c3d08eac48797ce0eb461f6cf5f6169825839bf71bce5a4be8e1e75c9c8d8a1853c18834c4b7900bfe638773d34c7c270fb0f241c1c29ced
SSDEEP

24576:27/NSj6CiJzXEo7PYzaO6zA8kJJ8tMfAJ7idChMXtu05FhoccHe0C6/V:U/cjZo57PiPzru1J5MtZ5veC6

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  3287dfa4973f994e01390bfa6ea6980b0ee8ad69b0460948733ea55b0af81466
- Size
  
  1.3MB
- MD5
  
  6b10a64fb82848400f9ff6933db648a7
- SHA1
  
  97cad5e5bd2e2f6b61fd664dd6a5b93874ee9d1d
- SHA256
  
  3287dfa4973f994e01390bfa6ea6980b0ee8ad69b0460948733ea55b0af81466
- SHA512
  
  f5f7117272497ce3c3d08eac48797ce0eb461f6cf5f6169825839bf71bce5a4be8e1e75c9c8d8a1853c18834c4b7900bfe638773d34c7c270fb0f241c1c29ced
- SSDEEP
  
  24576:27/NSj6CiJzXEo7PYzaO6zA8kJJ8tMfAJ7idChMXtu05FhoccHe0C6/V:U/cjZo57PiPzru1J5MtZ5veC6
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan