Overview

overview

10

Static

static

malware_sm...29.exe

windows7-x64

10

malware_sm...29.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_4281809129

  • Size

    1.1MB

  • Sample

    221004-c8bbcaheen

  • MD5

    36c1160582e33d62df2c29a938f4a86f

  • SHA1

    af1133a8a223a965a18bc15bdf69711fc5128e3b

  • SHA256

    1fc8724cc19df186b45a21260de7dc73ff1d915f7bdbce74f92429d1a517b50b

  • SHA512

    3cdf130b1b8494d2442b9796127a8f2638516e54fc6e81691a7ceb1aaed6a505dc5d93ef8c8a42511f283828d03ebc0338e66d1be319f990f13daba4481bea57

  • SSDEEP

    12288:q6sLNmPc68E1+wdxGhJOKzrKUzXJiUIur36CtGNe+vkjeL9mwFCNunVC+YqBSLaf:qpQc69+J7KczIS/72yN8VrwjYgaiL

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.106.122.14:443

5.9.224.217:443

192.236.161.4:443
Attributes
  • embedded_hash

    02CDE3C5209428051C9FFF92782DB49C

  • type

    loader

Targets

    • Target

      malware_smoke_4281809129

    • Size

      1.1MB

    • MD5

      36c1160582e33d62df2c29a938f4a86f

    • SHA1

      af1133a8a223a965a18bc15bdf69711fc5128e3b

    • SHA256

      1fc8724cc19df186b45a21260de7dc73ff1d915f7bdbce74f92429d1a517b50b

    • SHA512

      3cdf130b1b8494d2442b9796127a8f2638516e54fc6e81691a7ceb1aaed6a505dc5d93ef8c8a42511f283828d03ebc0338e66d1be319f990f13daba4481bea57

    • SSDEEP

      12288:q6sLNmPc68E1+wdxGhJOKzrKUzXJiUIur36CtGNe+vkjeL9mwFCNunVC+YqBSLaf:qpQc69+J7KczIS/72yN8VrwjYgaiL

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks