danabot | dbc1cb66916359beec89171f1e3b964ff662f06dc679caa2a386d3a1984be3bd | Triage

Sharing

General

Target

dbc1cb66916359beec89171f1e3b964ff662f06dc679caa2a386d3a1984be3bd
Size

1.3MB
Sample

221027-l1r4kabghk
MD5

e149b772abb24bd7a8c52d040aa5cb28
SHA1

fe1cd144e31c2052cea5d30c3363a08a4cdd958c
SHA256

dbc1cb66916359beec89171f1e3b964ff662f06dc679caa2a386d3a1984be3bd
SHA512

43aabe646bbd496e07bbbd2833a98ee1f21c70c2c842749a8029849860e9f6893d6c09a3507042c0e6ad4c6835b3913eebcc31afcf7ff96afd26760c34da9cdd
SSDEEP

24576:I2WueEV4gGS8vHkkCz7e/SxZImpRcYpZC0nrdXeMpoW7j48MH+V:I2nvP8vHDSj/pSYuUrdOMOWpEG

Score

10^/10

danabot banker trojan

Malware Config

Extracted

Family

danabot

C2

172.86.120.215:443

213.227.155.103:443

103.187.26.147:443

172.86.120.138:443

Attributes

embedded_hash
BBBB0DB8CB7E6D152424535822E445A7
type
loader

Targets

- Target
  
  dbc1cb66916359beec89171f1e3b964ff662f06dc679caa2a386d3a1984be3bd
- Size
  
  1.3MB
- MD5
  
  e149b772abb24bd7a8c52d040aa5cb28
- SHA1
  
  fe1cd144e31c2052cea5d30c3363a08a4cdd958c
- SHA256
  
  dbc1cb66916359beec89171f1e3b964ff662f06dc679caa2a386d3a1984be3bd
- SHA512
  
  43aabe646bbd496e07bbbd2833a98ee1f21c70c2c842749a8029849860e9f6893d6c09a3507042c0e6ad4c6835b3913eebcc31afcf7ff96afd26760c34da9cdd
- SSDEEP
  
  24576:I2WueEV4gGS8vHkkCz7e/SxZImpRcYpZC0nrdXeMpoW7j48MH+V:I2nvP8vHDSj/pSYuUrdOMOWpEG
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan