Overview

overview

10

Static

static

malware_sm...50.exe

windows7-x64

10

malware_sm...50.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_193871350

  • Size

    1.0MB

  • Sample

    221004-ra63pabbb9

  • MD5

    d4ec6a8ee6d40ea034dcbb75059154cb

  • SHA1

    4578566122e5df6e565508d675a1f0df8026df84

  • SHA256

    bde3e0878d5d18e4779720ae17c2af24616ec1e7f2dd30325591916bec38c368

  • SHA512

    4d1d38d5a113694ae7e2cc3aa54f339ef42a5e455e07e2e7156bdcdcdc0186923baa963917d1adbf5f9a9dad02be7b8545a02a2a04bd66a75cb5c3c6df55a2a9

  • SSDEEP

    24576:s59pejGNBSEPA9lb+nTdRwH28vzhtXBL3pYSFzCB:Apej8ulSTdRwfhtXBrx

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.254.129.180:443

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    5C4A9996E213E13DC6AC3BC28C895A29

  • type

    loader

Targets

    • Target

      malware_smoke_193871350

    • Size

      1.0MB

    • MD5

      d4ec6a8ee6d40ea034dcbb75059154cb

    • SHA1

      4578566122e5df6e565508d675a1f0df8026df84

    • SHA256

      bde3e0878d5d18e4779720ae17c2af24616ec1e7f2dd30325591916bec38c368

    • SHA512

      4d1d38d5a113694ae7e2cc3aa54f339ef42a5e455e07e2e7156bdcdcdc0186923baa963917d1adbf5f9a9dad02be7b8545a02a2a04bd66a75cb5c3c6df55a2a9

    • SSDEEP

      24576:s59pejGNBSEPA9lb+nTdRwH28vzhtXBL3pYSFzCB:Apej8ulSTdRwfhtXBrx

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks