Overview

overview

10

Static

static

malware_sm...14.exe

windows7-x64

10

malware_sm...14.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_2586152214

  • Size

    989KB

  • Sample

    221004-qr3adsbdcj

  • MD5

    15e5ddb829c749649f99f10c90426e6c

  • SHA1

    f4086a982038a0614ffa3acf7a8cbdd07c34b7d1

  • SHA256

    76559476c1018ec1db4d8a692c6af3e66d394e31141f5cf47b1fdbb3ecde118c

  • SHA512

    2131caa27f42dc2aca407df253a8486ef9065846043b5e5b13fd7c3f24f5a4b8ddba50ca18645f6b0f6f5a7d60b20aee49631497592bbd9383e6f3dff70f9d0f

  • SSDEEP

    24576:t9JCiFuiVOFF/W7qmnYxvv0WJCC5V14y2KdZJC7:pwi4/4q3V5V1YKdv

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

104.168.167.51:443

23.254.129.180:443

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    38025B93DA95E52B49DBD6CF4413C95E

  • type

    loader

Targets

    • Target

      malware_smoke_2586152214

    • Size

      989KB

    • MD5

      15e5ddb829c749649f99f10c90426e6c

    • SHA1

      f4086a982038a0614ffa3acf7a8cbdd07c34b7d1

    • SHA256

      76559476c1018ec1db4d8a692c6af3e66d394e31141f5cf47b1fdbb3ecde118c

    • SHA512

      2131caa27f42dc2aca407df253a8486ef9065846043b5e5b13fd7c3f24f5a4b8ddba50ca18645f6b0f6f5a7d60b20aee49631497592bbd9383e6f3dff70f9d0f

    • SSDEEP

      24576:t9JCiFuiVOFF/W7qmnYxvv0WJCC5V14y2KdZJC7:pwi4/4q3V5V1YKdv

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks