General

  • Target

    a313ba86e10a0740312fe203d5ae61fd6000b6639dc4c976d62050fe81aa3962

  • Size

    232KB

  • Sample

    221014-qtrlnsdegm

  • MD5

    78484b4b3be56f7d6ec26219a7b262b7

  • SHA1

    5d5c43764824f120e2770bf3e483d360e8fe6c83

  • SHA256

    a313ba86e10a0740312fe203d5ae61fd6000b6639dc4c976d62050fe81aa3962

  • SHA512

    a48f548d612de3b620b181f65d89074469e864e3591956e2163309f343f0371626bee3eb4f7df840caa9eb94eed29697eb45b8de4c6a5638a551708e3e91a145

  • SSDEEP

    3072:YXN+ENpaLx86Rx1s57bmGqCLdzchI9Etx9eii0K6RzgORP2RITih:s1papL1ubmG2tx9Di0lZgORPsITih

Malware Config

Extracted

Family

danabot

Attributes
  • embedded_hash

    56951C922035D696BFCE443750496462

  • type

    loader

Targets

    • Target

      a313ba86e10a0740312fe203d5ae61fd6000b6639dc4c976d62050fe81aa3962

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Deletes itself
