Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    144s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    26-09-2022 17:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c784d7449bdac569e387240729b5e13f13be80f613e1ec71112a8853e834e273.exe

  • Size

    1.2MB

  • MD5

    dd0c13f8c9d5e919279a39759b0a6b55

  • SHA1

    3fa6bf6011b9256d19a78d433a8d9c4a449c84fd

  • SHA256

    c784d7449bdac569e387240729b5e13f13be80f613e1ec71112a8853e834e273

  • SHA512

    0f6deba86678f539f45dbed31e63c33252acc089870a63101f92b0901badc0c3e851d39eba5ec3876f7fabc421457e1ed16b65f4a43adb2e964f5abade16a72d

  • SSDEEP

    24576:XJRNslrKkZELxvzNKZ1zg3/OZXR0f/7ZREluMupUDoZ:XJYILxvhKZ1M1f/dyEvmD

Score
10/10
danabotbankertrojan

Malware Config

Extracted

Family

danabot

Attributes
  • embedded_hash

    6618C163D57D6441FCCA65D86C4D380D

  • type

    loader

Signatures

  • Danabot

    Danabot is a modular banking Trojan that has been linked with other malware.

    trojanbankerdanabot
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c784d7449bdac569e387240729b5e13f13be80f613e1ec71112a8853e834e273.exe
    "C:\Users\Admin\AppData\Local\Temp\c784d7449bdac569e387240729b5e13f13be80f613e1ec71112a8853e834e273.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4940
    • C:\Windows\SysWOW64\appidtel.exe
      C:\Windows\system32\appidtel.exe
      2⤵
        PID:1796

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1796-152-0x0000000000000000-mapping.dmp
      Download
    • memory/1796-164-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-163-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-161-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-162-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-160-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-159-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-158-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-156-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-155-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-154-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1796-153-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-145-0x0000000002470000-0x000000000274B000-memory.dmp
      Filesize

      2.9MB

      Download
    • memory/4940-150-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-134-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-136-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-137-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-138-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-139-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-140-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-141-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-142-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-143-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-144-0x0000000002340000-0x000000000246E000-memory.dmp
      Filesize

      1.2MB

      Download
    • memory/4940-120-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-146-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-147-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-148-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-149-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-133-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-151-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-132-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-131-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-130-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-129-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-128-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-157-0x0000000000400000-0x00000000006E8000-memory.dmp
      Filesize

      2.9MB

      Download
    • memory/4940-127-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-126-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-125-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-124-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-123-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-122-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-121-0x0000000077D50000-0x0000000077EDE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/4940-165-0x0000000002470000-0x000000000274B000-memory.dmp
      Filesize

      2.9MB

      Download
    • memory/4940-166-0x0000000000400000-0x00000000006E8000-memory.dmp
      Filesize

      2.9MB

      Download
    • memory/4940-167-0x0000000000400000-0x00000000006E8000-memory.dmp
      Filesize

      2.9MB

      Download
    • memory/4940-168-0x0000000000400000-0x00000000006E8000-memory.dmp
      Filesize

      2.9MB

      Download