danabot | 5bf179d7a0b5939cecd4cd9bd387d75b69f2691be0d251cbea9fbdff3580c551 | Triage

Sharing

General

Target

5bf179d7a0b5939cecd4cd9bd387d75b69f2691be0d251cbea9fbdff3580c551
Size

1.3MB
Sample

221008-nzmtkaeff4
MD5

c52a84100b9087a2f012b0c4518b34f5
SHA1

ee2d7f28779e2b0e66678b1566d02d8c2f8afc82
SHA256

5bf179d7a0b5939cecd4cd9bd387d75b69f2691be0d251cbea9fbdff3580c551
SHA512

648d5c210340f3a3aae357d52eb8325878f5fe22e6a04fb48ba9f514d4a9ff914e8b683eda17ff9f009ff79aeafc5b4d780286875fa967e2ba40a0643d960bcc
SSDEEP

24576:LkNdZZ2WeYXLILyHqnKXjhnQL4l/T5uHfYddHbLqQjDsH:LsjrdVM4hVu/Yd9

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

192.236.233.188:443

192.119.70.159:443

23.106.124.171:443

213.227.155.103:443

Attributes

embedded_hash
56951C922035D696BFCE443750496462
type
loader

Targets

- Target
  
  5bf179d7a0b5939cecd4cd9bd387d75b69f2691be0d251cbea9fbdff3580c551
- Size
  
  1.3MB
- MD5
  
  c52a84100b9087a2f012b0c4518b34f5
- SHA1
  
  ee2d7f28779e2b0e66678b1566d02d8c2f8afc82
- SHA256
  
  5bf179d7a0b5939cecd4cd9bd387d75b69f2691be0d251cbea9fbdff3580c551
- SHA512
  
  648d5c210340f3a3aae357d52eb8325878f5fe22e6a04fb48ba9f514d4a9ff914e8b683eda17ff9f009ff79aeafc5b4d780286875fa967e2ba40a0643d960bcc
- SSDEEP
  
  24576:LkNdZZ2WeYXLILyHqnKXjhnQL4l/T5uHfYddHbLqQjDsH:LsjrdVM4hVu/Yd9
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan