General

  • Target

    346c1ef0011b88271787d598601fb1a2b57879b2ede6291483feb76e6ae9a454

  • Size

    2.4MB

  • Sample

    221217-1sz7jacf6t

  • MD5

    0e8d5989884645f8851d00fc0dc0bed7

  • SHA1

    c8f4a384190868335842b7cbdbf66b77007ce60b

  • SHA256

    346c1ef0011b88271787d598601fb1a2b57879b2ede6291483feb76e6ae9a454

  • SHA512

    d99a43fa2bd3948c44df67b355cbeff39d0b4d38ba79d13ceaf71118042e4fe7a41b668d79cb48e2b90e033bea9e73e10cc493cec66759f2ffafa709aba3b894

  • SSDEEP

    49152:389w72ljurezWJ540DT+zmDDbJ/By5K6SGl2tpk9pBZD+bYPtSiaw:Q22l8vnDd/B0KGlFPSxw

Score
10/10

Malware Config

Extracted

Family

danabot

C2

23.236.181.126:443

123.253.35.251:443

66.85.173.3:443

Attributes
  • embedded_hash

    8F56CD73F6B5CD5D7B17B0BA61E70A82

  • type

    loader

Targets

    • Target

      346c1ef0011b88271787d598601fb1a2b57879b2ede6291483feb76e6ae9a454

    • Size

      2.4MB

    • MD5

      0e8d5989884645f8851d00fc0dc0bed7

    • SHA1

      c8f4a384190868335842b7cbdbf66b77007ce60b

    • SHA256

      346c1ef0011b88271787d598601fb1a2b57879b2ede6291483feb76e6ae9a454

    • SHA512

      d99a43fa2bd3948c44df67b355cbeff39d0b4d38ba79d13ceaf71118042e4fe7a41b668d79cb48e2b90e033bea9e73e10cc493cec66759f2ffafa709aba3b894

    • SSDEEP

      49152:389w72ljurezWJ540DT+zmDDbJ/By5K6SGl2tpk9pBZD+bYPtSiaw:Q22l8vnDd/B0KGlFPSxw

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Blocklisted process makes network request

    • Loads dropped DLL

MITRE ATT&CK Matrix

Tasks