danabot | 3545774411804a999dca383b587618444598550f917cd29aada8166d276cea1b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

3545774411804a999dca383b587618444598550f917cd29aada8166d276cea1b
Size

307KB
Sample

221219-jk67fahe51
MD5

a5089b57c3537d123c7cf951bdc0d579
SHA1

026b57e3119b30943590892e8e1019e28afb5cec
SHA256

3545774411804a999dca383b587618444598550f917cd29aada8166d276cea1b
SHA512

67d3ce512c375d1a7ea81d002e152dc2f7b3b1ed20724e38d422bb2c46b01185d01b9ba2219de8105a90791c9d6920ebebc56daf8a5dfdb165392b947c841602
SSDEEP

6144:+KRFdKLLpE6QqKQ6bWm4XZ/gOOoNMJFr0iPvzpQ6rFiaI:+VHpEKzWWzXRgT7brxnzpQ6rF

Score

10^/10

danabot smokeloader backdoor banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

3545774411804a999dca383b587618444598550f917cd29aada8166d276cea1b.exe

Resource

win10v2004-20221111-en

danabot smokeloader backdoor banker trojan

windows10-2004-x64

22 signatures

150 seconds

Malware Config

Targets

- Target
  
  3545774411804a999dca383b587618444598550f917cd29aada8166d276cea1b
- Size
  
  307KB
- MD5
  
  a5089b57c3537d123c7cf951bdc0d579
- SHA1
  
  026b57e3119b30943590892e8e1019e28afb5cec
- SHA256
  
  3545774411804a999dca383b587618444598550f917cd29aada8166d276cea1b
- SHA512
  
  67d3ce512c375d1a7ea81d002e152dc2f7b3b1ed20724e38d422bb2c46b01185d01b9ba2219de8105a90791c9d6920ebebc56daf8a5dfdb165392b947c841602
- SSDEEP
  
  6144:+KRFdKLLpE6QqKQ6bWm4XZ/gOOoNMJFr0iPvzpQ6rFiaI:+VHpEKzWWzXRgT7brxnzpQ6rF
Score

10^/10

danabot smokeloader backdoor banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Detects Smokeloader packer
- SmokeLoader
  Modular backdoor trojan in use since 2014.
  trojan backdoor smokeloader
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotsmokeloaderbackdoorbankertrojan

© 2018-2024

Terms | Privacy