danabot | d7b569a977e94f8e8afe1f626dc41021faae0d8e81f6af60691d467ed68dcf54 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

d7b569a977e94f8e8afe1f626dc41021faae0d8e81f6af60691d467ed68dcf54
Size

383KB
Sample

221209-qlcsjsgb3w
MD5

3924b9589f8ad1ad16fb366b9a4ef019
SHA1

f4d00271273ebba02658fde72f24dd9c3b13cf52
SHA256

d7b569a977e94f8e8afe1f626dc41021faae0d8e81f6af60691d467ed68dcf54
SHA512

1080d569c826c661b1d71fe8e88ec6cdc565cc28ec3dd09c3dbb69d01b721916c7b00bc607c5dee05155e147a558a181442db1c943d6299b19cc13a1af3bd368
SSDEEP

6144:yPxLc89V7HBXHytZGmL4z21hh6K9W9LYRded89kTR:y5o89hhXHQZGo42IK9W9Paw

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

d7b569a977e94f8e8afe1f626dc41021faae0d8e81f6af60691d467ed68dcf54.exe

Resource

win10v2004-20220812-en

danabot smokeloader backdoor banker trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
341D2FD1638BB267A80C7445E1909B57
type
loader

Targets

- Target
  
  d7b569a977e94f8e8afe1f626dc41021faae0d8e81f6af60691d467ed68dcf54
- Size
  
  383KB
- MD5
  
  3924b9589f8ad1ad16fb366b9a4ef019
- SHA1
  
  f4d00271273ebba02658fde72f24dd9c3b13cf52
- SHA256
  
  d7b569a977e94f8e8afe1f626dc41021faae0d8e81f6af60691d467ed68dcf54
- SHA512
  
  1080d569c826c661b1d71fe8e88ec6cdc565cc28ec3dd09c3dbb69d01b721916c7b00bc607c5dee05155e147a558a181442db1c943d6299b19cc13a1af3bd368
- SSDEEP
  
  6144:yPxLc89V7HBXHytZGmL4z21hh6K9W9LYRded89kTR:y5o89hhXHQZGo42IK9W9Paw
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2024

Terms | Privacy