danabot | 754435e17e759f44a0f425c0e8a1dc93a25ab2d17b9b894e0208cefcfa447267 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

754435e17e759f44a0f425c0e8a1dc93a25ab2d17b9b894e0208cefcfa447267
Size

2.5MB
Sample

221209-cszn1acb27
MD5

1a121619e1f9e8d574d09feb47bf398a
SHA1

7e5a547fa0bac982630f36357183d00960084f04
SHA256

754435e17e759f44a0f425c0e8a1dc93a25ab2d17b9b894e0208cefcfa447267
SHA512

2c16cc374cd7ef19f4a8406346a9f0c9d3d83ecd5e70f1f69c37ca0387d0b359d0e39c50c566c067ec8bc02f4d6285340679f3b92a208fb0e874258808461242
SSDEEP

49152:P6Ta2ssnB4HP2M18q3uJZJNtYRm07MDDNPeA:STaA6PR8q+JwtWD

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

754435e17e759f44a0f425c0e8a1dc93a25ab2d17b9b894e0208cefcfa447267.exe

Resource

win10v2004-20220812-en

danabot banker trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
341D2FD1638BB267A80C7445E1909B57
type
loader

Targets

- Target
  
  754435e17e759f44a0f425c0e8a1dc93a25ab2d17b9b894e0208cefcfa447267
- Size
  
  2.5MB
- MD5
  
  1a121619e1f9e8d574d09feb47bf398a
- SHA1
  
  7e5a547fa0bac982630f36357183d00960084f04
- SHA256
  
  754435e17e759f44a0f425c0e8a1dc93a25ab2d17b9b894e0208cefcfa447267
- SHA512
  
  2c16cc374cd7ef19f4a8406346a9f0c9d3d83ecd5e70f1f69c37ca0387d0b359d0e39c50c566c067ec8bc02f4d6285340679f3b92a208fb0e874258808461242
- SSDEEP
  
  49152:P6Ta2ssnB4HP2M18q3uJZJNtYRm07MDDNPeA:STaA6PR8q+JwtWD
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy