Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

malware_sm...84.exe

windows7-x64

10

malware_sm...84.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_1190770884

  • Size

    1.0MB

  • Sample

    221004-q53hbabba9

  • MD5

    5b64b4c975ff001a2d99bf9b65b4b8bb

  • SHA1

    a234b171340ca47f2a2fba0705911c61416e8985

  • SHA256

    2650817e2703b15c7e6fbf4d4caace2066f50db88fc96862190c4daf32d186e7

  • SHA512

    7a923c06534c9d29d9911760ad3b3ebd685806ff2cb157a055616532cf7aeabe362005e6ab38d669087b076840d70f77bbd6f14500fc98b56c4f2cbe6856cd5d

  • SSDEEP

    24576:vbahsA6iHbGRj+x7UkpFU/UzPkgSSML3xitJwDSmAESmB:OhsTibGRjM7UkpFRMxqwM

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.254.129.180:443

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    5C4A9996E213E13DC6AC3BC28C895A29

  • type

    loader

Targets

    • Target

      malware_smoke_1190770884

    • Size

      1.0MB

    • MD5

      5b64b4c975ff001a2d99bf9b65b4b8bb

    • SHA1

      a234b171340ca47f2a2fba0705911c61416e8985

    • SHA256

      2650817e2703b15c7e6fbf4d4caace2066f50db88fc96862190c4daf32d186e7

    • SHA512

      7a923c06534c9d29d9911760ad3b3ebd685806ff2cb157a055616532cf7aeabe362005e6ab38d669087b076840d70f77bbd6f14500fc98b56c4f2cbe6856cd5d

    • SSDEEP

      24576:vbahsA6iHbGRj+x7UkpFU/UzPkgSSML3xitJwDSmAESmB:OhsTibGRjM7UkpFRMxqwM

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks