danabot | 1c2d3e3a602530705040873f42a3bf8b93e711b28d122087c48cd0a839a49bc3 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

1c2d3e3a602530705040873f42a3bf8b93e711b28d122087c48cd0a839a49bc3
Size

2.6MB
Sample

221209-hzg1esfe41
MD5

e7d4b22745e2ac7b9057ddb0d8be5ab6
SHA1

adf825132fe114caff00de8f4b91f2e2b8c0d577
SHA256

1c2d3e3a602530705040873f42a3bf8b93e711b28d122087c48cd0a839a49bc3
SHA512

62a3e04dedd7adb38678d956e19b37f5105b9bf29400f6bc42772ed6237136cd5b82a70abf89f8af28ee59ac9d150e7ddd320f7740a02ca59a9bf011cd8e98f3
SSDEEP

49152:cGILgK+4RISsWcYnw4U6U9jjf6hla7Wr1Srqu5Cg0FSz33qVAayP+10Ti8xOP:cGI1PRbLzGJfWlsW5Nu5CgWSz334ATS5

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

1c2d3e3a602530705040873f42a3bf8b93e711b28d122087c48cd0a839a49bc3.exe

Resource

win10v2004-20221111-en

danabot banker trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
341D2FD1638BB267A80C7445E1909B57
type
loader

Targets

- Target
  
  1c2d3e3a602530705040873f42a3bf8b93e711b28d122087c48cd0a839a49bc3
- Size
  
  2.6MB
- MD5
  
  e7d4b22745e2ac7b9057ddb0d8be5ab6
- SHA1
  
  adf825132fe114caff00de8f4b91f2e2b8c0d577
- SHA256
  
  1c2d3e3a602530705040873f42a3bf8b93e711b28d122087c48cd0a839a49bc3
- SHA512
  
  62a3e04dedd7adb38678d956e19b37f5105b9bf29400f6bc42772ed6237136cd5b82a70abf89f8af28ee59ac9d150e7ddd320f7740a02ca59a9bf011cd8e98f3
- SSDEEP
  
  49152:cGILgK+4RISsWcYnw4U6U9jjf6hla7Wr1Srqu5Cg0FSz33qVAayP+10Ti8xOP:cGI1PRbLzGJfWlsW5Nu5CgWSz334ATS5
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy