Overview

overview

10

Static

static

malware_sm...76.exe

windows7-x64

10

malware_sm...76.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_2685359676

  • Size

    1.0MB

  • Sample

    221004-rf7w6sbbd6

  • MD5

    709ac17aa5df3c0524aea20526c972a8

  • SHA1

    7ca26cff5ad3877c54539b14b85267689e9167b0

  • SHA256

    2115604b92baedae0ce00d0999b30ce95ef4b7a500394d93ff0964058564b86f

  • SHA512

    0f6aa767a8103600b708d5f67b06c0c07c7ee810c30138d63715e3333dc6dd8065cea54992fb7002fff1efb3aa12a3f1b270209f833f579cf8fd40850bc553c4

  • SSDEEP

    24576:Ur9ateFHxSeaj01+U/76idwZmmA2E5R4Fn3Z5Uhp/1fKbEWA:UdHxb801+U/e3A2E5SF3Zqhp1fKb

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    12DF5314C5FDA13D9BF397EE140FD5E8

  • type

    loader

Targets

    • Target

      malware_smoke_2685359676

    • Size

      1.0MB

    • MD5

      709ac17aa5df3c0524aea20526c972a8

    • SHA1

      7ca26cff5ad3877c54539b14b85267689e9167b0

    • SHA256

      2115604b92baedae0ce00d0999b30ce95ef4b7a500394d93ff0964058564b86f

    • SHA512

      0f6aa767a8103600b708d5f67b06c0c07c7ee810c30138d63715e3333dc6dd8065cea54992fb7002fff1efb3aa12a3f1b270209f833f579cf8fd40850bc553c4

    • SSDEEP

      24576:Ur9ateFHxSeaj01+U/76idwZmmA2E5R4Fn3Z5Uhp/1fKbEWA:UdHxb801+U/e3A2E5SF3Zqhp1fKb

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks