Overview

overview

10

Static

static

malware_sm...00.exe

windows7-x64

10

malware_sm...00.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    malware_smoke_2031282100

  • Size

    1004KB

  • Sample

    221004-rnfsnabbf3

  • MD5

    f7ca6ae1dc453ec9a38521434cd628f4

  • SHA1

    fc93b89044d8b46b0dcbfbe233938dc8413ec3de

  • SHA256

    db4244833901ba3af6a6067a221158fd6ff5c716cf71d4b793bed6f9f531f823

  • SHA512

    4dab36acc88c07f78f7213b4a31b9c3d00957fb594eae05ec473799bb7514dbf3e7a8925825f77f28955efa0e98e0fa00899a3d1b1996a93c5ae935bd3342688

  • SSDEEP

    24576:ooW6nH8FR0j1LI6FLq4FMHF+wQziDz/Ku7:Q6nrju68NQzumu

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

23.254.133.7:443

213.227.155.102:443
Attributes
  • embedded_hash

    12DF5314C5FDA13D9BF397EE140FD5E8

  • type

    loader

Targets

    • Target

      malware_smoke_2031282100

    • Size

      1004KB

    • MD5

      f7ca6ae1dc453ec9a38521434cd628f4

    • SHA1

      fc93b89044d8b46b0dcbfbe233938dc8413ec3de

    • SHA256

      db4244833901ba3af6a6067a221158fd6ff5c716cf71d4b793bed6f9f531f823

    • SHA512

      4dab36acc88c07f78f7213b4a31b9c3d00957fb594eae05ec473799bb7514dbf3e7a8925825f77f28955efa0e98e0fa00899a3d1b1996a93c5ae935bd3342688

    • SSDEEP

      24576:ooW6nH8FR0j1LI6FLq4FMHF+wQziDz/Ku7:Q6nrju68NQzumu

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks