Overview

overview

10

Static

static

malware_sm...82.exe

windows7-x64

10

malware_sm...82.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_1895150882

  • Size

    1.0MB

  • Sample

    221004-rkscaabecl

  • MD5

    c53c1a89163132347f76dd22ab3741cc

  • SHA1

    026cd76399273a5691555bf058f6b5c0aa56cc50

  • SHA256

    e10640bc90b1c9fe36be71c79b107140b95a541611358c2627b516f3ae58e397

  • SHA512

    4fd035370232c85fb04f0af16742e5ecbb51235a5adfebf2bf2568637a39d2614165274caceaf0bc6cbdaa9fad977a5e7470d55287cc0a1eecde6362175f3864

  • SSDEEP

    24576:JgMcEVieKUHklvhYLSlVf/Ja4rITxX0x8kKMsyNv:JPcAimElw6enTxkx8kK7yN

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    12DF5314C5FDA13D9BF397EE140FD5E8

  • type

    loader

Targets

    • Target

      malware_smoke_1895150882

    • Size

      1.0MB

    • MD5

      c53c1a89163132347f76dd22ab3741cc

    • SHA1

      026cd76399273a5691555bf058f6b5c0aa56cc50

    • SHA256

      e10640bc90b1c9fe36be71c79b107140b95a541611358c2627b516f3ae58e397

    • SHA512

      4fd035370232c85fb04f0af16742e5ecbb51235a5adfebf2bf2568637a39d2614165274caceaf0bc6cbdaa9fad977a5e7470d55287cc0a1eecde6362175f3864

    • SSDEEP

      24576:JgMcEVieKUHklvhYLSlVf/Ja4rITxX0x8kKMsyNv:JPcAimElw6enTxkx8kK7yN

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks