danabot | 6563565af9b7b4e106e8687f64a80922b10dc33e3f4020b07b8b640575d35960 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

6563565af9b7b4e106e8687f64a80922b10dc33e3f4020b07b8b640575d35960
Size

1.2MB
Sample

220926-n3dp3abhbk
MD5

e70c8bbbd8faa7cb8fb555f6bbe98a12
SHA1

c6c1d1fa31fe1d2906ef7837c1151a1d13a80679
SHA256

6563565af9b7b4e106e8687f64a80922b10dc33e3f4020b07b8b640575d35960
SHA512

3029d003a4d59dff4549959a030407f47136cfd8b85c985bd55aa800590579e95183d50de740c09cacc7fe2e9113d162c3b1296d7b2dff679c4a77ab7aded0ef
SSDEEP

24576:xImPENtb1LF4cCysOYImXOO9u8TFYFfZd4rj9YlmAxOZppvOGTJ/u:xLsfAIo40S9ZeRkmAxOHpvOG1G

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

6563565af9b7b4e106e8687f64a80922b10dc33e3f4020b07b8b640575d35960.exe

Resource

win10v2004-20220901-en

danabot banker trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  6563565af9b7b4e106e8687f64a80922b10dc33e3f4020b07b8b640575d35960
- Size
  
  1.2MB
- MD5
  
  e70c8bbbd8faa7cb8fb555f6bbe98a12
- SHA1
  
  c6c1d1fa31fe1d2906ef7837c1151a1d13a80679
- SHA256
  
  6563565af9b7b4e106e8687f64a80922b10dc33e3f4020b07b8b640575d35960
- SHA512
  
  3029d003a4d59dff4549959a030407f47136cfd8b85c985bd55aa800590579e95183d50de740c09cacc7fe2e9113d162c3b1296d7b2dff679c4a77ab7aded0ef
- SSDEEP
  
  24576:xImPENtb1LF4cCysOYImXOO9u8TFYFfZd4rj9YlmAxOZppvOGTJ/u:xLsfAIo40S9ZeRkmAxOHpvOG1G
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy