danabot | 9311cb119df791f32a940b70b154f7477cf8d017d82263798642c4a50e21950c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

9311cb119df791f32a940b70b154f7477cf8d017d82263798642c4a50e21950c
Size

1.3MB
Sample

221014-1kx27seeg4
MD5

50b0e3d3354723e6dc6d843542386084
SHA1

5d5f99f2b0d6647c912c0d4910ef068a50e77f2f
SHA256

9311cb119df791f32a940b70b154f7477cf8d017d82263798642c4a50e21950c
SHA512

505e780752f455ed263e5fbd4fddd86b097b0cc5bb71f2135a65b58add8deba25af267fa7ee9f0727c3c2395e7ecf982680bbfa624d113992935f7e2c0df82a8
SSDEEP

24576:mp/q8cWvnLgE+9nnXNo4iFlrbYUgrSsTftL5EL0zvihTemNt4Q6dZHR57KaaKh:mp/7cknLgfXybNgxTI0bsTpiKaph

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

9311cb119df791f32a940b70b154f7477cf8d017d82263798642c4a50e21950c.exe

Resource

win10v2004-20220812-en

danabot banker trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

192.236.233.188:443

192.119.70.159:443

23.106.124.171:443

213.227.155.103:443

Attributes

embedded_hash
56951C922035D696BFCE443750496462
type
loader

Targets

- Target
  
  9311cb119df791f32a940b70b154f7477cf8d017d82263798642c4a50e21950c
- Size
  
  1.3MB
- MD5
  
  50b0e3d3354723e6dc6d843542386084
- SHA1
  
  5d5f99f2b0d6647c912c0d4910ef068a50e77f2f
- SHA256
  
  9311cb119df791f32a940b70b154f7477cf8d017d82263798642c4a50e21950c
- SHA512
  
  505e780752f455ed263e5fbd4fddd86b097b0cc5bb71f2135a65b58add8deba25af267fa7ee9f0727c3c2395e7ecf982680bbfa624d113992935f7e2c0df82a8
- SSDEEP
  
  24576:mp/q8cWvnLgE+9nnXNo4iFlrbYUgrSsTftL5EL0zvihTemNt4Q6dZHR57KaaKh:mp/7cknLgfXybNgxTI0bsTpiKaph
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2025

Terms | Privacy