Overview

overview

10

Static

static

f90484603f...8c.dll

windows7-x64

10

f90484603f...8c.dll

windows10-2004-x64

10

Resubmissions

10-11-2022 21:02

221110-zvqv7seac7 10

10-11-2022 21:00

221110-ztefsaeaa9 1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8385266325.zip

  • Size

    5.0MB

  • Sample

    221110-zvqv7seac7

  • MD5

    ab8ec721eec1cacd6a395db62f997e5c

  • SHA1

    418d06aa788e068d788c7157ecd40783c50bfb0b

  • SHA256

    eb4cffd9bc50353854c89044ac2fa5458dcdde434075388bf14371b935ad086a

  • SHA512

    1f9ca4096df85279b4be7816b5763c1f13f4e2ad0b592780fecd20ed7dbb1e1c2e701bacf53fe171b261f489e01a75bab11ebae8d02989f1adaf8b02af01a8d7

  • SSDEEP

    98304:Ks6BoMdnlYoYJzwq6SQFMOVnnGijD8d0Kc3GfUKbL/0g:Kbni90bSQPVnGxd0F8vsg

Score
10/10
danabotbankertrojan

Malware Config

Extracted

Family

danabot

Attributes
  • embedded_hash

    794D6CC67928F094F294B738E3257AB8

  • type

    loader

Targets

    • Target

      f90484603fcebe6dcf6d13b4154c6761cfa084e0a8ad2b5dc5b57b4d1867a48c

    • Size

      7.6MB

    • MD5

      35857661dcaa8222d6e4a94d272910b7

    • SHA1

      6624dbbf4a5eca4d4dc50ba363bec08d97e55618

    • SHA256

      f90484603fcebe6dcf6d13b4154c6761cfa084e0a8ad2b5dc5b57b4d1867a48c

    • SHA512

      aabcb363760f16206d00bb119f9b5610f70512f303488f23cc71b8494e90a0886863233fea95d54fa840ffb0ab8a62df0db063df8d33e2016365134ee958cedd

    • SSDEEP

      196608:UOkd+1H96rzMtV3cpIwKlLMvfcHSpdskL:PP9IMtVM/KlQvfcHP

    Score
    10/10
    danabotbankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks