danabot | 78284c9f117c387050311cd0a08d695ca8b1136b0db2f45397a04f1ac5a9a250 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

78284c9f117c387050311cd0a08d695ca8b1136b0db2f45397a04f1ac5a9a250
Size

214KB
Sample

221218-syv6rsce98
MD5

906d61684a9994d7e338ffbde12a77cc
SHA1

d4e08cd8096504aca9a01dfae631de580b3da365
SHA256

78284c9f117c387050311cd0a08d695ca8b1136b0db2f45397a04f1ac5a9a250
SHA512

2952dee399886f2b82463eb69eba02b30c29dab0efd1883b826cd2804497fd30b2536cea3cf8d2acb42065be6f3a47dcc567f38917bfdf9b754988f2bf4f9a06
SSDEEP

6144:UkJLPvkxjs9QVO/+ywvE+JHq8TjlVklPH:UkJjcNsuVO/CECflU

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

78284c9f117c387050311cd0a08d695ca8b1136b0db2f45397a04f1ac5a9a250.exe

Resource

win10-20220812-en

danabot smokeloader backdoor banker trojan

windows10-1703-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

23.236.181.126:443

123.253.35.251:443

66.85.173.3:443

Attributes

embedded_hash
8F56CD73F6B5CD5D7B17B0BA61E70A82
type
loader

Targets

- Target
  
  78284c9f117c387050311cd0a08d695ca8b1136b0db2f45397a04f1ac5a9a250
- Size
  
  214KB
- MD5
  
  906d61684a9994d7e338ffbde12a77cc
- SHA1
  
  d4e08cd8096504aca9a01dfae631de580b3da365
- SHA256
  
  78284c9f117c387050311cd0a08d695ca8b1136b0db2f45397a04f1ac5a9a250
- SHA512
  
  2952dee399886f2b82463eb69eba02b30c29dab0efd1883b826cd2804497fd30b2536cea3cf8d2acb42065be6f3a47dcc567f38917bfdf9b754988f2bf4f9a06
- SSDEEP
  
  6144:UkJLPvkxjs9QVO/+ywvE+JHq8TjlVklPH:UkJjcNsuVO/CECflU
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2025

Terms | Privacy