danabot | 257e71c8e07e82c77729146af5daaf4109bd1103f7b7f92c81e2e4da13c7c1ed | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

257e71c8e07e82c77729146af5daaf4109bd1103f7b7f92c81e2e4da13c7c1ed
Size

224KB
Sample

221016-3ypdbsadd5
MD5

92bfa613bf98162934c2da1e48fe2de6
SHA1

96ffc8fd008aaa0bc82a2ffa3bfd7a1ce4e9a567
SHA256

257e71c8e07e82c77729146af5daaf4109bd1103f7b7f92c81e2e4da13c7c1ed
SHA512

d8c6814fc515d5eda3a78a1ed6a4bba21e0f35b8664bc9660f5fc698ce299a3af1c623bf4ff74e9932bbed50eeea4a743093be60027b223202fc890a0e874f81
SSDEEP

3072:VBXp+QH4L/nAAVLXe5Y9WU/dwwnJb2nEKGORIEn0KKPYzRj+UuS:LXH4LbLZ9oa/sn0JYNjHuS

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

257e71c8e07e82c77729146af5daaf4109bd1103f7b7f92c81e2e4da13c7c1ed.exe

Resource

win10-20220901-en

danabot smokeloader backdoor banker trojan

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
56951C922035D696BFCE443750496462
type
loader

Targets

- Target
  
  257e71c8e07e82c77729146af5daaf4109bd1103f7b7f92c81e2e4da13c7c1ed
- Size
  
  224KB
- MD5
  
  92bfa613bf98162934c2da1e48fe2de6
- SHA1
  
  96ffc8fd008aaa0bc82a2ffa3bfd7a1ce4e9a567
- SHA256
  
  257e71c8e07e82c77729146af5daaf4109bd1103f7b7f92c81e2e4da13c7c1ed
- SHA512
  
  d8c6814fc515d5eda3a78a1ed6a4bba21e0f35b8664bc9660f5fc698ce299a3af1c623bf4ff74e9932bbed50eeea4a743093be60027b223202fc890a0e874f81
- SSDEEP
  
  3072:VBXp+QH4L/nAAVLXe5Y9WU/dwwnJb2nEKGORIEn0KKPYzRj+UuS:LXH4LbLZ9oa/sn0JYNjHuS
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2025

Terms | Privacy