Overview

overview

10

Static

static

1

93556130a3...32.exe

windows7-x64

10

93556130a3...32.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    93556130a3846a62780b2b331cd19ea0_exe32.exe

  • Size

    1.3MB

  • Sample

    231015-yd78gseh69

  • MD5

    93556130a3846a62780b2b331cd19ea0

  • SHA1

    c9338f9aa57a389ba12d693c5bd0f8d52243bfdd

  • SHA256

    8c12d821cae4d797fece228c0f433a007b8ad0643b778de8fa8a20b01504a522

  • SHA512

    cfa6ddbb739fd464f0e03874cc6737329d595ea3d28b0839305d2e599fd045eb046a880d25f029ebbce4f4d8fced03028de0264e05a8ea8eae929f17b3e116c7

  • SSDEEP

    24576:puEOfDlEUKWfOmTPn5Yw/noda9Kul5dF4ip8W0zZcqzCDx:0fU4LbxouKul5dC7zzZY

Score
10/10
danabotbankertrojan

Malware Config

Targets

    • Target

      93556130a3846a62780b2b331cd19ea0_exe32.exe

    • Size

      1.3MB

    • MD5

      93556130a3846a62780b2b331cd19ea0

    • SHA1

      c9338f9aa57a389ba12d693c5bd0f8d52243bfdd

    • SHA256

      8c12d821cae4d797fece228c0f433a007b8ad0643b778de8fa8a20b01504a522

    • SHA512

      cfa6ddbb739fd464f0e03874cc6737329d595ea3d28b0839305d2e599fd045eb046a880d25f029ebbce4f4d8fced03028de0264e05a8ea8eae929f17b3e116c7

    • SSDEEP

      24576:puEOfDlEUKWfOmTPn5Yw/noda9Kul5dF4ip8W0zZcqzCDx:0fU4LbxouKul5dC7zzZY

    Score
    10/10
    danabotbankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks