danabot | 445a3bc88196003a4ba6802589960693e8194c01c8f5f078ccdd5e72ed1ef475 | Triage

Sharing

General

Target

445a3bc88196003a4ba6802589960693e8194c01c8f5f078ccdd5e72ed1ef475
Size

1.4MB
Sample

220929-ts7haabdc7
MD5

b8878eeed50884a2ab56ed2862569c2c
SHA1

bf34ed8d85d6157811b77580a329a7f505ef0812
SHA256

445a3bc88196003a4ba6802589960693e8194c01c8f5f078ccdd5e72ed1ef475
SHA512

ca567519d9555e51df7c9f1d977e250ee8e595ba218ce5d389b573dd00938f9e864d9d63bca9def8e1f4e169867b125aac420175963171206c39f07561f9e1bf
SSDEEP

24576:eKcG+6ybjM33kExqDiZtz0eOEwa7PKE++j5KXOJZwTb+:ehGhyH4bqDiv0yd7PKxa5Kj

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

192.236.233.188:443

23.106.124.171:443

192.119.70.159:443

Attributes

embedded_hash
A813CAF845B5703DA814AF785BB60B21
type
loader

Targets

- Target
  
  445a3bc88196003a4ba6802589960693e8194c01c8f5f078ccdd5e72ed1ef475
- Size
  
  1.4MB
- MD5
  
  b8878eeed50884a2ab56ed2862569c2c
- SHA1
  
  bf34ed8d85d6157811b77580a329a7f505ef0812
- SHA256
  
  445a3bc88196003a4ba6802589960693e8194c01c8f5f078ccdd5e72ed1ef475
- SHA512
  
  ca567519d9555e51df7c9f1d977e250ee8e595ba218ce5d389b573dd00938f9e864d9d63bca9def8e1f4e169867b125aac420175963171206c39f07561f9e1bf
- SSDEEP
  
  24576:eKcG+6ybjM33kExqDiZtz0eOEwa7PKE++j5KXOJZwTb+:ehGhyH4bqDiv0yd7PKxa5Kj
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan