danabot | a2954e397099c472652a243ffc5a72a74a184d64567da16c5336ae3d46adcfcd | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

a2954e397099c472652a243ffc5a72a74a184d64567da16c5336ae3d46adcfcd
Size

265KB
Sample

221004-bv7a7afefl
MD5

6582b936b23d5ab61a422397fbecb5b1
SHA1

df2e4c06a12291b99b1d18888e6ca76c9df88300
SHA256

a2954e397099c472652a243ffc5a72a74a184d64567da16c5336ae3d46adcfcd
SHA512

734cc32764a4c802ab46c69fd573d33dbaed4034a6d2a9a4b859639980df8adfb00b2a337f58ff4b1f7b30356ceae9dd4efff60136605df742c0aadbf26391aa
SSDEEP

3072:4XhwCoq9NoPntzC15OtgmoaUFTSgb9FElafzXWrxpzbgqru0UyTN0pZa9uD6VdyF:MTAJOhaWbr7uzbgwuBCuwVf

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

a2954e397099c472652a243ffc5a72a74a184d64567da16c5336ae3d46adcfcd.exe

Resource

win10-20220901-en

danabot smokeloader backdoor banker trojan

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
B820721BF2F0118AA5F8723A0AD25E65
type
loader

Targets

- Target
  
  a2954e397099c472652a243ffc5a72a74a184d64567da16c5336ae3d46adcfcd
- Size
  
  265KB
- MD5
  
  6582b936b23d5ab61a422397fbecb5b1
- SHA1
  
  df2e4c06a12291b99b1d18888e6ca76c9df88300
- SHA256
  
  a2954e397099c472652a243ffc5a72a74a184d64567da16c5336ae3d46adcfcd
- SHA512
  
  734cc32764a4c802ab46c69fd573d33dbaed4034a6d2a9a4b859639980df8adfb00b2a337f58ff4b1f7b30356ceae9dd4efff60136605df742c0aadbf26391aa
- SSDEEP
  
  3072:4XhwCoq9NoPntzC15OtgmoaUFTSgb9FElafzXWrxpzbgqru0UyTN0pZa9uD6VdyF:MTAJOhaWbr7uzbgwuBCuwVf
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2025

Terms | Privacy