General
-
Target
HEUR-Trojan-Banker.Win32.Danabot.gen-5e04a3d0.dll
-
Size
1.2MB
-
Sample
221112-mkdfxaeh37
-
MD5
09e361c84a62b723ff0ba6b7c6ceb708
-
SHA1
4929bb7ca9315d388173c73cef25dfb3ea74f8d6
-
SHA256
5e04a3d0062093c8e795733a990e668705728c242b4c47c63cf54b35b14ba99d
-
SHA512
caf259991d6db9d37c0d8df3a9fd54cfa1e38ab82ea44608dbd1bc99e1f332da63fd1224be5688206f578d6c8742bdcb5c0c861384950000a6586470e72e2573
-
SSDEEP
24576:8b1nfBwzVWsEqGhfgl01nezvEcm86CMvihkH5eM1T/vyG:4uEZOI2842zYWT/v
Behavioral task
behavioral1
Sample
HEUR-Trojan-Banker.Win32.Danabot.gen-5e04a3d0.dll
Resource
win7-20220812-en
Malware Config
Extracted
danabot
11
54.250.13.251:443
134.122.53.241:443
13.53.234.226:443
35.182.95.170:443
-
embedded_hash
E9487618F966D7A08194A9E220290BD9
-
type
loader
Targets
-
Danabot Loader Component
-
Blocklisted process makes network request
-