Extracted

• • Target

    871eaf1a371f64dd7efd842ecdc68bd164363bf98704efb8b6ab17678b3adc20

  • Size

    146KB

  • MD5

    945fc9f993ddb70f47df69ec479b96be

  • SHA1

    2aa6b68ba86ea01c45b38e362e5cd40619c1b036

  • SHA256

    871eaf1a371f64dd7efd842ecdc68bd164363bf98704efb8b6ab17678b3adc20

  • SHA512

    9f2fc723bdfd6fa9d56c4965646878c82dab70375b81cee3f39c118607c96b5fdec635328b7c8500421e02689701f645e25856522d73e7d33495d20309f8c8ef

  • SSDEEP

    3072:wVFiDGsCyvwAL2HMgxFPOur0Kw7vqN+EMRxrCO:wVF7NAUt8nbqPMRNC

  Score

  10^/10

  danabotsmokeloaderbackdoorbankertrojan

  • Danabot

    Danabot is a modular banking Trojan that has been linked with other malware.

    trojanbankerdanabot

  • Detects Smokeloader packer

  • SmokeLoader

    Modular backdoor trojan in use since 2014.

    trojanbackdoorsmokeloader

  • Downloads MZ/PE file

  • Executes dropped EXE

  behavioral1