Overview

overview

10

Static

static

malware_sm...36.exe

windows7-x64

10

malware_sm...36.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_2950363636

  • Size

    990KB

  • Sample

    221004-qy359sbddp

  • MD5

    b7a941ccee51c48bd6d1ec4647a84bba

  • SHA1

    6dcad292e3ed53b6c585e349816a0bc1ed6efd89

  • SHA256

    912e48c880423c13566dcee31ceeff8a34a66fcca0745b9645a5ff541f41aff5

  • SHA512

    ee2705dd26dbde88680e20e4dad48ac4b46ec0cda72df2dc7b895d01a64a8d2f02e07e7ce106f80ed876b9ef07a692224e891a129d396711cc98f21ac35c8682

  • SSDEEP

    24576:8BP9QEFEiRKoxL91U0M04Sgkcd4LMnC2:IHFdRKOL92046s4La1

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

104.168.167.51:443

23.254.129.180:443

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    38025B93DA95E52B49DBD6CF4413C95E

  • type

    loader

Targets

    • Target

      malware_smoke_2950363636

    • Size

      990KB

    • MD5

      b7a941ccee51c48bd6d1ec4647a84bba

    • SHA1

      6dcad292e3ed53b6c585e349816a0bc1ed6efd89

    • SHA256

      912e48c880423c13566dcee31ceeff8a34a66fcca0745b9645a5ff541f41aff5

    • SHA512

      ee2705dd26dbde88680e20e4dad48ac4b46ec0cda72df2dc7b895d01a64a8d2f02e07e7ce106f80ed876b9ef07a692224e891a129d396711cc98f21ac35c8682

    • SSDEEP

      24576:8BP9QEFEiRKoxL91U0M04Sgkcd4LMnC2:IHFdRKOL92046s4La1

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks