danabot | 6def751fed7bca16da66d7c1c370d283c8288331641ead7fa599890bc4e5bb16 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

6def751fed7bca16da66d7c1c370d283c8288331641ead7fa599890bc4e5bb16
Size

260KB
Sample

221027-pe675scbdn
MD5

0e1fe87be46c53d4ebe64ad3a9bebd26
SHA1

b0e585dc1ae1746bcad3f8c32b8d1487d3a99132
SHA256

6def751fed7bca16da66d7c1c370d283c8288331641ead7fa599890bc4e5bb16
SHA512

cac0e6a7848a1c7c1d1476ffc28ba338e78b0a4d3765c2dc5b2273821078340a71c31e08a27d14e7915764345acdf8c18e3a2de864de1c52d2271d7ed4ac96fc
SSDEEP

6144:eWHs2P/6Whqj2vBLTkKGQQCRTvQl7r0U:egs2P/6WsKBgeRTwA

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

6def751fed7bca16da66d7c1c370d283c8288331641ead7fa599890bc4e5bb16.exe

Resource

win10-20220901-en

danabot smokeloader backdoor banker trojan

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
BBBB0DB8CB7E6D152424535822E445A7
type
loader

Targets

- Target
  
  6def751fed7bca16da66d7c1c370d283c8288331641ead7fa599890bc4e5bb16
- Size
  
  260KB
- MD5
  
  0e1fe87be46c53d4ebe64ad3a9bebd26
- SHA1
  
  b0e585dc1ae1746bcad3f8c32b8d1487d3a99132
- SHA256
  
  6def751fed7bca16da66d7c1c370d283c8288331641ead7fa599890bc4e5bb16
- SHA512
  
  cac0e6a7848a1c7c1d1476ffc28ba338e78b0a4d3765c2dc5b2273821078340a71c31e08a27d14e7915764345acdf8c18e3a2de864de1c52d2271d7ed4ac96fc
- SSDEEP
  
  6144:eWHs2P/6Whqj2vBLTkKGQQCRTvQl7r0U:egs2P/6WsKBgeRTwA
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2024

Terms | Privacy