General
-
Target
Trojan-Banker.Win32.Danabot.jrm-222243b9e36ae.dll
-
Size
1.3MB
-
Sample
230604-g1fcjsbd33
-
MD5
b1d4dc3e5c3ead845633192b2ead54b8
-
SHA1
d218d3b60d05815276b0710936ccb6cfbe5e8988
-
SHA256
222243b9e36aedde4fed2b6a8a5decec275855d21217dc05069b20bfff504973
-
SHA512
9831e53e079eb42c5e37ca7e7d376362d761a92400a0e3af5558bc72b85d91d8bb0ac85bcf44c83c52a8c6926d77c7a771a06b9a999c3093b474b7cc8ce2cd6f
-
SSDEEP
24576:v8FGeFev0cpnnAQqse/09FdOp+Ad7TEyCxyIhTHe6PKpglcJ:kI0vldHEyOhT+6yph
Behavioral task
behavioral1
Sample
Trojan-Banker.Win32.Danabot.jrm-222243b9e36ae.dll
Resource
win7-20230220-en
Malware Config
Extracted
danabot
4
23.254.144.209:443
23.254.227.74:443
192.255.166.212:443
-
embedded_hash
0E1A7A1479C37094441FA911262B322A
-
type
loader
Targets
-
-
Target
Trojan-Banker.Win32.Danabot.jrm-222243b9e36ae.dll
-
Size
1.3MB
-
MD5
b1d4dc3e5c3ead845633192b2ead54b8
-
SHA1
d218d3b60d05815276b0710936ccb6cfbe5e8988
-
SHA256
222243b9e36aedde4fed2b6a8a5decec275855d21217dc05069b20bfff504973
-
SHA512
9831e53e079eb42c5e37ca7e7d376362d761a92400a0e3af5558bc72b85d91d8bb0ac85bcf44c83c52a8c6926d77c7a771a06b9a999c3093b474b7cc8ce2cd6f
-
SSDEEP
24576:v8FGeFev0cpnnAQqse/09FdOp+Ad7TEyCxyIhTHe6PKpglcJ:kI0vldHEyOhT+6yph
-
Danabot Loader Component
-
Blocklisted process makes network request
-