General

  • Target

    78284c9f117c387050311cd0a08d695ca8b1136b0db2f45397a04f1ac5a9a250

  • Size

    214KB

  • Sample

    221218-syv6rsce98

  • MD5

    906d61684a9994d7e338ffbde12a77cc

  • SHA1

    d4e08cd8096504aca9a01dfae631de580b3da365

  • SHA256

    78284c9f117c387050311cd0a08d695ca8b1136b0db2f45397a04f1ac5a9a250

  • SHA512

    2952dee399886f2b82463eb69eba02b30c29dab0efd1883b826cd2804497fd30b2536cea3cf8d2acb42065be6f3a47dcc567f38917bfdf9b754988f2bf4f9a06

  • SSDEEP

    6144:UkJLPvkxjs9QVO/+ywvE+JHq8TjlVklPH:UkJjcNsuVO/CECflU

Malware Config

Extracted

Family

danabot

C2

23.236.181.126:443

123.253.35.251:443

66.85.173.3:443

Attributes
  • embedded_hash

    8F56CD73F6B5CD5D7B17B0BA61E70A82

  • type

    loader

Targets

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL
