General
-
Target
350bc8a075df7398bf36d979c2bfaa4e91917533b6c9082d291f8fca600d4bdf
-
Size
304KB
-
Sample
221219-y6l6qabb61
-
MD5
410a8d5cf7b996f1cc0d7db9714d3e1d
-
SHA1
19db193da1056e5c93dbc7065f818f2a20ebd7c1
-
SHA256
350bc8a075df7398bf36d979c2bfaa4e91917533b6c9082d291f8fca600d4bdf
-
SHA512
e6885f67314a8c84af17c83f2aa77e26e81ec989daee5da1bd883ba86f5a352b4b71d81c724ed84ce54f6e7d14bd922e3f7cf19bb0847427da30464d77eddec4
-
SSDEEP
6144:DLmDVAGvMT+gggLtT8Tm362df1Jv/63QZImQKG0:D+VALT+gggLtT8Tm36Cf1VgQZW
Malware Config
Targets
-
-
Target
350bc8a075df7398bf36d979c2bfaa4e91917533b6c9082d291f8fca600d4bdf
-
Size
304KB
-
MD5
410a8d5cf7b996f1cc0d7db9714d3e1d
-
SHA1
19db193da1056e5c93dbc7065f818f2a20ebd7c1
-
SHA256
350bc8a075df7398bf36d979c2bfaa4e91917533b6c9082d291f8fca600d4bdf
-
SHA512
e6885f67314a8c84af17c83f2aa77e26e81ec989daee5da1bd883ba86f5a352b4b71d81c724ed84ce54f6e7d14bd922e3f7cf19bb0847427da30464d77eddec4
-
SSDEEP
6144:DLmDVAGvMT+gggLtT8Tm362df1Jv/63QZImQKG0:D+VALT+gggLtT8Tm36Cf1VgQZW
Score10/10-
Danabot
Danabot is a modular banking Trojan that has been linked with other malware.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-