General

  • Target

    malware_smoke_3061005942

  • Size

    1.1MB

  • Sample

    221004-c3lvwshcgm

  • MD5

    2141a496f9a9d04a7a28caef9e888fed

  • SHA1

    9aa0b33782f87c1c3c77c27c877cb2bb60b4ab5f

  • SHA256

    e13640666585c0e82d6cc9f3d2dc3a3da66c3a852b646d59bb7cfa97cc39bffd

  • SHA512

    80f26f43c73b3a5d336a118e3caec0713f9c9d1df5980534887e8d8fd3a9a1bf2008628e9f425b861baa288df727e60cef482f0b33518eddf861d396bcb19d80

  • SSDEEP

    24576:9TwAQDab31LuMbTAf0ZldVmo9I/wQXQihcbDhY7OY:9T716MbTrZtxQXQ+8hEOY

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.106.122.14:443

5.9.224.217:443

192.236.161.4:443

Attributes
  • embedded_hash

    02CDE3C5209428051C9FFF92782DB49C

  • type

    loader

Targets

    • Target

      malware_smoke_3061005942

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Blocklisted process makes network request
