Overview

overview

10

Static

static

malware_sm...13.exe

windows7-x64

10

malware_sm...13.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_1948183113

  • Size

    990KB

  • Sample

    221004-qmrcbsbdbj

  • MD5

    4020602025208f7d60159fed7deaf9e6

  • SHA1

    e511bb17221bf322d43374b32fa976d84be22230

  • SHA256

    11188308a802fdedde930ef0248c8729ae745a37d700c247b860831e80cb382f

  • SHA512

    3455639ee6f2307a082d05157f908b3fbea6f2f76b3a2e6ad90c44bf8c0346608b00507d3d497795f8e70262e25e76ed7b435e73341d69432dbdc64fcd06cfbc

  • SSDEEP

    24576:XJU6CFSVtle0DaUnAFc4ihhN2cXB4G1p6E:ayPdIFct3NtRv

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

104.168.167.51:443

23.254.129.180:443

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    38025B93DA95E52B49DBD6CF4413C95E

  • type

    loader

Targets

    • Target

      malware_smoke_1948183113

    • Size

      990KB

    • MD5

      4020602025208f7d60159fed7deaf9e6

    • SHA1

      e511bb17221bf322d43374b32fa976d84be22230

    • SHA256

      11188308a802fdedde930ef0248c8729ae745a37d700c247b860831e80cb382f

    • SHA512

      3455639ee6f2307a082d05157f908b3fbea6f2f76b3a2e6ad90c44bf8c0346608b00507d3d497795f8e70262e25e76ed7b435e73341d69432dbdc64fcd06cfbc

    • SSDEEP

      24576:XJU6CFSVtle0DaUnAFc4ihhN2cXB4G1p6E:ayPdIFct3NtRv

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks