Overview

overview

10

Static

static

malware_sm...46.exe

windows7-x64

10

malware_sm...46.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_1300718746

  • Size

    1.0MB

  • Sample

    221004-rhz94sbebp

  • MD5

    918be9d668bffdec63f184050d4b2883

  • SHA1

    63adbf4aeeffe68460bf64f4832c6660193e30c0

  • SHA256

    cbced5793450b49eedfaa70e1f569e0d80c336faeac2a5a16a3fc43536b0970d

  • SHA512

    564107fa81f0d20874b1d5a524d9a4eba972803324b284b70d0c01147e657609e3818497dcae66195096f643c4c69fd61e5bc8e3da5ec197d235a780aac7f81d

  • SSDEEP

    24576:ED+Xqsgozyz8SK0jgiQR5nYuuPsYY9h2yLz8iL5RB:Hasnzy3OF3JuPe9wy

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    12DF5314C5FDA13D9BF397EE140FD5E8

  • type

    loader

Targets

    • Target

      malware_smoke_1300718746

    • Size

      1.0MB

    • MD5

      918be9d668bffdec63f184050d4b2883

    • SHA1

      63adbf4aeeffe68460bf64f4832c6660193e30c0

    • SHA256

      cbced5793450b49eedfaa70e1f569e0d80c336faeac2a5a16a3fc43536b0970d

    • SHA512

      564107fa81f0d20874b1d5a524d9a4eba972803324b284b70d0c01147e657609e3818497dcae66195096f643c4c69fd61e5bc8e3da5ec197d235a780aac7f81d

    • SSDEEP

      24576:ED+Xqsgozyz8SK0jgiQR5nYuuPsYY9h2yLz8iL5RB:Hasnzy3OF3JuPe9wy

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks