danabot | ff78e5c3a545e64efe6b467c094fb3232b5289d8ed8779b4f4efb286e1a44bc3 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

ff78e5c3a545e64efe6b467c094fb3232b5289d8ed8779b4f4efb286e1a44bc3
Size

2.6MB
Sample

221209-j2s15sff2s
MD5

2d524a5cd462b3bfc756aa769b6f2413
SHA1

42f38de68754d6359dcf9a552a784f65e990410c
SHA256

ff78e5c3a545e64efe6b467c094fb3232b5289d8ed8779b4f4efb286e1a44bc3
SHA512

1eda516758373245e02c91a901f8eadf8df6e61334cce2ec33e13409bf9e7892fce0363251123024f067cd281668a5c57f3d888f521b60d22ed98e3e601867b9
SSDEEP

49152:eFPwnw9iU+HznCx4EuGvQTRK8yRqMOydsI2GQ71NaYaS9t61V8ycHfJb7KrzixOh:eFPgg+Hzn+rvcg8y7ds597OYaRV72xxO

Score

10^/10

danabot banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

ff78e5c3a545e64efe6b467c094fb3232b5289d8ed8779b4f4efb286e1a44bc3.exe

Resource

win10v2004-20220812-en

danabot banker trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
341D2FD1638BB267A80C7445E1909B57
type
loader

Targets

- Target
  
  ff78e5c3a545e64efe6b467c094fb3232b5289d8ed8779b4f4efb286e1a44bc3
- Size
  
  2.6MB
- MD5
  
  2d524a5cd462b3bfc756aa769b6f2413
- SHA1
  
  42f38de68754d6359dcf9a552a784f65e990410c
- SHA256
  
  ff78e5c3a545e64efe6b467c094fb3232b5289d8ed8779b4f4efb286e1a44bc3
- SHA512
  
  1eda516758373245e02c91a901f8eadf8df6e61334cce2ec33e13409bf9e7892fce0363251123024f067cd281668a5c57f3d888f521b60d22ed98e3e601867b9
- SSDEEP
  
  49152:eFPwnw9iU+HznCx4EuGvQTRK8yRqMOydsI2GQ71NaYaS9t61V8ycHfJb7KrzixOh:eFPgg+Hzn+rvcg8y7ds597OYaRV72xxO
Score

10^/10

danabot banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Blocklisted process makes network request
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabotbankertrojan

© 2018-2024

Terms | Privacy