danabot | 644fad21b0be125864ce6f04c368b78ca08dcc763d741afa2e6b7e153cc03f40 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

644fad21b0be125864ce6f04c368b78ca08dcc763d741afa2e6b7e153cc03f40
Size

4.6MB
Sample

221005-sj38tseff4
MD5

efd8da8f11fd4f40ae0acf7ba2b653c1
SHA1

c4b29bacaf8aa72fd355d9dbf9130020ee28432f
SHA256

644fad21b0be125864ce6f04c368b78ca08dcc763d741afa2e6b7e153cc03f40
SHA512

82b95a6e1e2e87901bb11b9577f03ca56136ceccbb9456934aab0045f78da28bcacf40d9fed7dcfbd4cadd5f08ba44df539bd20d52ee0b8134080858860b4cd8
SSDEEP

98304:9GxsYgocEEhWTI0OoihUMZrJzRZ1xU61Hn1eMPN8VyCtE2Kf:QxyocEEjoie6llxU61H1eM5OE2Kf

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

644fad21b0be125864ce6f04c368b78ca08dcc763d741afa2e6b7e153cc03f40.exe

Resource

win10-20220812-en

danabot banker trojan

windows10-1703-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

49.0.50.0:57

51.0.52.0:0

53.0.54.0:1200

55.0.56.0:65535

Attributes

embedded_hash
EAD30BF58E340E9E105B328F524565E0
type
loader

Targets

- Target
  
  644fad21b0be125864ce6f04c368b78ca08dcc763d741afa2e6b7e153cc03f40
- Size
  
  4.6MB
- MD5
  
  efd8da8f11fd4f40ae0acf7ba2b653c1
- SHA1
  
  c4b29bacaf8aa72fd355d9dbf9130020ee28432f
- SHA256
  
  644fad21b0be125864ce6f04c368b78ca08dcc763d741afa2e6b7e153cc03f40
- SHA512
  
  82b95a6e1e2e87901bb11b9577f03ca56136ceccbb9456934aab0045f78da28bcacf40d9fed7dcfbd4cadd5f08ba44df539bd20d52ee0b8134080858860b4cd8
- SSDEEP
  
  98304:9GxsYgocEEhWTI0OoihUMZrJzRZ1xU61Hn1eMPN8VyCtE2Kf:QxyocEEjoie6llxU61H1eM5OE2Kf
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2025

Terms | Privacy