danabot | d7b7d7150d8282dfdfc0de64b54f2c66c82b5e21d180c2dc3566a3205186278f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

d7b7d7150d8282dfdfc0de64b54f2c66c82b5e21d180c2dc3566a3205186278f
Size

193KB
Sample

221020-kzcf2sefcm
MD5

056e389ed68b6441edc19c32cae3c36f
SHA1

e8eca80ac1eddd46702ea1f0bda93c537f611928
SHA256

d7b7d7150d8282dfdfc0de64b54f2c66c82b5e21d180c2dc3566a3205186278f
SHA512

61b3054a7a1f053516cfbdc3167ed044c72f36a2b155391283d5d8030e71ebab941d6ba6dcfef8b7a439b10bdeefb9020b122d4901cda8f741151b1708decbad
SSDEEP

3072:z2XOjuimzLDWEBXM05Ftyv4P8/hWQ2oOX0Kfj3:KOuimzLR5McEgkZWQ2TX0O

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

d7b7d7150d8282dfdfc0de64b54f2c66c82b5e21d180c2dc3566a3205186278f.exe

Resource

win10v2004-20220812-en

danabot smokeloader backdoor banker trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
56951C922035D696BFCE443750496462
type
loader

Targets

- Target
  
  d7b7d7150d8282dfdfc0de64b54f2c66c82b5e21d180c2dc3566a3205186278f
- Size
  
  193KB
- MD5
  
  056e389ed68b6441edc19c32cae3c36f
- SHA1
  
  e8eca80ac1eddd46702ea1f0bda93c537f611928
- SHA256
  
  d7b7d7150d8282dfdfc0de64b54f2c66c82b5e21d180c2dc3566a3205186278f
- SHA512
  
  61b3054a7a1f053516cfbdc3167ed044c72f36a2b155391283d5d8030e71ebab941d6ba6dcfef8b7a439b10bdeefb9020b122d4901cda8f741151b1708decbad
- SSDEEP
  
  3072:z2XOjuimzLDWEBXM05Ftyv4P8/hWQ2oOX0Kfj3:KOuimzLR5McEgkZWQ2TX0O
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2025

Terms | Privacy