danabot | 9eb78307cee70735e7ef70f1648ab5ef2f717de9963d8e7b3b3a84f461c3171b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

9eb78307cee70735e7ef70f1648ab5ef2f717de9963d8e7b3b3a84f461c3171b
Size

231KB
Sample

221014-vkz9nsdha7
MD5

5a73a819e4367849301da7d5ff66460f
SHA1

d01cb704eab24c1af8d227f61391c9139d6fcef3
SHA256

9eb78307cee70735e7ef70f1648ab5ef2f717de9963d8e7b3b3a84f461c3171b
SHA512

250ea37cb7a5030476e18ccdbe77136022a0592f254a295cc2a768924beb5dbfc35b515d0ae6872b15168c1e1bedf12caf40b8511078f12d68a771e266077875
SSDEEP

3072:WqXNGMzgNmdWec6xON1pG5r1WYF5Bl3cfM4eMezpx0KJY9j3:fQNmzE1C11p3kNez70sYx3

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

9eb78307cee70735e7ef70f1648ab5ef2f717de9963d8e7b3b3a84f461c3171b.exe

Resource

win10v2004-20220812-en

danabot smokeloader backdoor banker trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
56951C922035D696BFCE443750496462
type
loader

Targets

- Target
  
  9eb78307cee70735e7ef70f1648ab5ef2f717de9963d8e7b3b3a84f461c3171b
- Size
  
  231KB
- MD5
  
  5a73a819e4367849301da7d5ff66460f
- SHA1
  
  d01cb704eab24c1af8d227f61391c9139d6fcef3
- SHA256
  
  9eb78307cee70735e7ef70f1648ab5ef2f717de9963d8e7b3b3a84f461c3171b
- SHA512
  
  250ea37cb7a5030476e18ccdbe77136022a0592f254a295cc2a768924beb5dbfc35b515d0ae6872b15168c1e1bedf12caf40b8511078f12d68a771e266077875
- SSDEEP
  
  3072:WqXNGMzgNmdWec6xON1pG5r1WYF5Bl3cfM4eMezpx0KJY9j3:fQNmzE1C11p3kNez70sYx3
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2025

Terms | Privacy