General

  • Target

    d0fc9d579acc772729a961dea697ce8133a5c71cca139990215f7b09cc54f049

  • Size

    2.4MB

  • Sample

    221218-advemada5x

  • MD5

    48ad5d3d9fca6ac790392cb17626c439

  • SHA1

    7c82d7fbeb2351cd88eaf3b4782d0612e564ec4a

  • SHA256

    d0fc9d579acc772729a961dea697ce8133a5c71cca139990215f7b09cc54f049

  • SHA512

    e829509d92643a8e2fbf29edebbf1feadfa2dd568b6530bd215852cc774071da1977a9d960b0c73603e4fbc633efccfd7d62f1277aebed0430d2a7c148c2d129

  • SSDEEP

    49152:A3BmwccyQ1RHnTx1vYoJgsZPlPTI+WQHE7NqIgUBW6rH6yGo:iccyQ1pTx1QoJxZdTIZQ+zB3I

Score
10/10

Malware Config

Extracted

Family

danabot

C2

23.236.181.126:443

123.253.35.251:443

66.85.173.3:443

Attributes
  • embedded_hash

    8F56CD73F6B5CD5D7B17B0BA61E70A82

  • type

    loader

Targets

    • Target

      d0fc9d579acc772729a961dea697ce8133a5c71cca139990215f7b09cc54f049

    • Size

      2.4MB

    • MD5

      48ad5d3d9fca6ac790392cb17626c439

    • SHA1

      7c82d7fbeb2351cd88eaf3b4782d0612e564ec4a

    • SHA256

      d0fc9d579acc772729a961dea697ce8133a5c71cca139990215f7b09cc54f049

    • SHA512

      e829509d92643a8e2fbf29edebbf1feadfa2dd568b6530bd215852cc774071da1977a9d960b0c73603e4fbc633efccfd7d62f1277aebed0430d2a7c148c2d129

    • SSDEEP

      49152:A3BmwccyQ1RHnTx1vYoJgsZPlPTI+WQHE7NqIgUBW6rH6yGo:iccyQ1pTx1QoJxZdTIZQ+zB3I

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Loads dropped DLL

MITRE ATT&CK Matrix

Tasks