danabot | c1833171caa2d0d1086e43773fb0cb7edb474a20ffebc86ca5ac5c78126775fa | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c1833171caa2d0d1086e43773fb0cb7edb474a20ffebc86ca5ac5c78126775fa
Size

1.2MB
Sample

221021-enpdksbce5
MD5

9123cc158a4b8bed45b0397f1ea8b1c6
SHA1

948ba3968f4c52427ffd89894f46354233a803a1
SHA256

c1833171caa2d0d1086e43773fb0cb7edb474a20ffebc86ca5ac5c78126775fa
SHA512

2eeb9c229af05257797e749de2b46cc756972918bc14140119e5064bb658385af41dba8c0152b5a85bcf4632f787245e60215d0e085627ac12f7e18dc1ab16c8
SSDEEP

24576:xymvZHh2AAFjEH6StuvUZdZrn57/QcjcWgG/y:xRvdhFHLaq7zB/1jcUa

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

c1833171caa2d0d1086e43773fb0cb7edb474a20ffebc86ca5ac5c78126775fa.exe

Resource

win10v2004-20220901-en

danabot banker trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

192.236.233.188:443

192.119.70.159:443

23.106.124.171:443

213.227.155.103:443

49.0.50.0:57

51.0.52.0:0

53.0.54.0:1200

55.0.56.0:65535

Attributes

embedded_hash
56951C922035D696BFCE443750496462
type
loader

Targets

- Target
  
  c1833171caa2d0d1086e43773fb0cb7edb474a20ffebc86ca5ac5c78126775fa
- Size
  
  1.2MB
- MD5
  
  9123cc158a4b8bed45b0397f1ea8b1c6
- SHA1
  
  948ba3968f4c52427ffd89894f46354233a803a1
- SHA256
  
  c1833171caa2d0d1086e43773fb0cb7edb474a20ffebc86ca5ac5c78126775fa
- SHA512
  
  2eeb9c229af05257797e749de2b46cc756972918bc14140119e5064bb658385af41dba8c0152b5a85bcf4632f787245e60215d0e085627ac12f7e18dc1ab16c8
- SSDEEP
  
  24576:xymvZHh2AAFjEH6StuvUZdZrn57/QcjcWgG/y:xRvdhFHLaq7zB/1jcUa
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2025

Terms | Privacy