danabot | bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840
Size

1.2MB
Sample

220926-zgp2radagk
MD5

199a3b0037920e0ac6d35239f772ab72
SHA1

797c4f73c275e733020b20f818509c7cefb73cf3
SHA256

bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840
SHA512

610fe829eff518eb8a746f32d41b18c28e3a22c99fa8e371e7c7f5eea9ad97cdd396dfe7ee336b8968287a40e827c5bc78f12dbc93a76ec2531a22fc43fe6d3e
SSDEEP

24576:HwfOQIbCGzOPYln9AGUBGayPFLD6yBqcOHc+DGfh:HwW/CGzxOGBPFLmyBqcO8+yfh

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840.exe

Resource

win10v2004-20220901-en

danabot banker trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443

Attributes

embedded_hash
6618C163D57D6441FCCA65D86C4D380D
type
loader

Targets

- Target
  
  bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840
- Size
  
  1.2MB
- MD5
  
  199a3b0037920e0ac6d35239f772ab72
- SHA1
  
  797c4f73c275e733020b20f818509c7cefb73cf3
- SHA256
  
  bd7e0c7f7846a218905885b4e27ac1edde2673b0827c2f66b4ffe8ecfe872840
- SHA512
  
  610fe829eff518eb8a746f32d41b18c28e3a22c99fa8e371e7c7f5eea9ad97cdd396dfe7ee336b8968287a40e827c5bc78f12dbc93a76ec2531a22fc43fe6d3e
- SSDEEP
  
  24576:HwfOQIbCGzOPYln9AGUBGayPFLD6yBqcOHc+DGfh:HwW/CGzxOGBPFLmyBqcO8+yfh
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy