General

  • Target

    malware_smoke_809594919

  • Size

    1011KB

  • Sample

    221004-rdwfcsbean

  • MD5

    37d8178ae059b50a0a8f3029aec04dd4

  • SHA1

    ae023282071e3f7dfb66cb2f9023e0878716c29a

  • SHA256

    3f2fa8fca7ba420f027c34c8b64201fa533ca9ddd5c29770d1ae6887543236bb

  • SHA512

    3fb90a11985ac0eea58d57344e095b62c678325961605372fa3f0db2393140128ccd2dac25202e0a345a0ee5b59a559a5a74eb81e753a264a7c1e0a2e7b1f63d

  • SSDEEP

    24576:Vp9jw0ccQSjBeJ90i7KV7rSKNq43UfuaUHOavdLL:+fcru2QKV7rSR4gYL

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.254.133.7:443

213.227.155.102:443

Attributes
  • embedded_hash

    12DF5314C5FDA13D9BF397EE140FD5E8

  • type

    loader

Targets

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Blocklisted process makes network request
