danabot | 20641419ff5b85587a388f5c22caa1909cf855b60c0698a1d91d5e0d0e9f9027 | Triage

Sharing

General

Target

20641419ff5b85587a388f5c22caa1909cf855b60c0698a1d91d5e0d0e9f9027
Size

1.3MB
Sample

220926-a1rbgsgfg5
MD5

93bc45aa38bbfb2f09c498121f3bf27f
SHA1

ee5e89cb590d8cbc00cb2102c67d941ccce1af32
SHA256

20641419ff5b85587a388f5c22caa1909cf855b60c0698a1d91d5e0d0e9f9027
SHA512

29fe8329468f825ab70f6fd6405d4e9c7051ddab26d88914e27a77eddc32d44050d785b1df74d6b44f690373ee1ce1e700a3de8ac7b81cd1ff1d3f5b6a9e6513
SSDEEP

24576:zTR+MFEIv4tGufzNyi1CB5AwfO2FQ4r0F+c+/WAaqqhcZ:NvN0s4m5bQ4rWxRqLZ

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  20641419ff5b85587a388f5c22caa1909cf855b60c0698a1d91d5e0d0e9f9027
- Size
  
  1.3MB
- MD5
  
  93bc45aa38bbfb2f09c498121f3bf27f
- SHA1
  
  ee5e89cb590d8cbc00cb2102c67d941ccce1af32
- SHA256
  
  20641419ff5b85587a388f5c22caa1909cf855b60c0698a1d91d5e0d0e9f9027
- SHA512
  
  29fe8329468f825ab70f6fd6405d4e9c7051ddab26d88914e27a77eddc32d44050d785b1df74d6b44f690373ee1ce1e700a3de8ac7b81cd1ff1d3f5b6a9e6513
- SSDEEP
  
  24576:zTR+MFEIv4tGufzNyi1CB5AwfO2FQ4r0F+c+/WAaqqhcZ:NvN0s4m5bQ4rWxRqLZ
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan