danabot | e0e746ff4d24bd4588a7c1a1b16b0393ff828fb37818aa475709e2d6c9bf801e | Triage

Submit
Reports

Overview

overview

Static

static

0x000a0000...61.dll

windows7-x64

0x000a0000...61.dll

windows10-2004-x64

Sharing

General

Target

0x000a0000000134f2-61.dat
Size

723KB
Sample

221207-c8k6jsbe7w
MD5

d3448a7b5e2fe0c7173716b07ee76eb8
SHA1

f106248c3b292bb9946cb352cd91e264bf0b18d2
SHA256

e0e746ff4d24bd4588a7c1a1b16b0393ff828fb37818aa475709e2d6c9bf801e
SHA512

dc03d0eb9af44541ae9286d41275c19fb55aee3bd026d915b9d0861714f3ccb412f7c8e9b103babeff755a5db5646319694b6a5f144f4b90478cb88e519e96f6
SSDEEP

6144:Am+xNrXuGsV0xoSRHpSb+GpWTyzFNhK8WbyIv8o010JNeU3tKt2I+JThzGnVTvSf:AQDqVap2Fe5tazGJKlQP1wWa

Score

10^/10

danabot banker botnet trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0x000a0000000134f2-61.dll

Resource

win7-20220812-en

danabot banker trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x000a0000000134f2-61.dll

Resource

win10v2004-20220812-en

danabot banker trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

5.61.58.130

2.56.213.39

5.61.56.192

rsa_pubkey.plain

Targets

- Target
  
  0x000a0000000134f2-61.dat
- Size
  
  723KB
- MD5
  
  d3448a7b5e2fe0c7173716b07ee76eb8
- SHA1
  
  f106248c3b292bb9946cb352cd91e264bf0b18d2
- SHA256
  
  e0e746ff4d24bd4588a7c1a1b16b0393ff828fb37818aa475709e2d6c9bf801e
- SHA512
  
  dc03d0eb9af44541ae9286d41275c19fb55aee3bd026d915b9d0861714f3ccb412f7c8e9b103babeff755a5db5646319694b6a5f144f4b90478cb88e519e96f6
- SSDEEP
  
  6144:Am+xNrXuGsV0xoSRHpSb+GpWTyzFNhK8WbyIv8o010JNeU3tKt2I+JThzGnVTvSf:AQDqVap2Fe5tazGJKlQP1wWa
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

behavioral2

danabotbankertrojan

© 2018-2024

Terms | Privacy