Overview

overview

10

Static

static

malware_sm...58.exe

windows7-x64

10

malware_sm...58.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_2023851858

  • Size

    1.0MB

  • Sample

    221004-q84jsabbb6

  • MD5

    9f8317bfddacbaf1f683d0c510eeb3a1

  • SHA1

    f068c51bacb11e40a05cfced8f4d2b5b33968706

  • SHA256

    5ddd99e29124b4d53e2601159dac900506af9ecb753950adf336d1fa8b96d4cc

  • SHA512

    88913e89b9df7b9da1ede38acd782fbc3b61a709ddf54860a0c30afa006241f06464036ea496988cd7d9bd9ccbf77d13671c65f41d50d1910b10e8d8b90d098b

  • SSDEEP

    24576:NnK3WqmTAxH1g+HLP0kc8Pwyh39GzhZNB:o3WqmMnXfc8SP

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.254.129.180:443

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    5C4A9996E213E13DC6AC3BC28C895A29

  • type

    loader

Targets

    • Target

      malware_smoke_2023851858

    • Size

      1.0MB

    • MD5

      9f8317bfddacbaf1f683d0c510eeb3a1

    • SHA1

      f068c51bacb11e40a05cfced8f4d2b5b33968706

    • SHA256

      5ddd99e29124b4d53e2601159dac900506af9ecb753950adf336d1fa8b96d4cc

    • SHA512

      88913e89b9df7b9da1ede38acd782fbc3b61a709ddf54860a0c30afa006241f06464036ea496988cd7d9bd9ccbf77d13671c65f41d50d1910b10e8d8b90d098b

    • SSDEEP

      24576:NnK3WqmTAxH1g+HLP0kc8Pwyh39GzhZNB:o3WqmMnXfc8SP

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks