Overview

overview

10

Static

static

10

134bf73abd...eb.dll

windows7-x64

10

134bf73abd...eb.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    134bf73abd898fa7c3f686ada2294b18288cd3542310d9f609867d31cf36e2eb

  • Size

    1.3MB

  • Sample

    231106-mrk5bsae9z

  • MD5

    06dc71fb0396f27a50200e7c800c56d9

  • SHA1

    52df8d8b3daaaef060616c5ada6039fca1f447e6

  • SHA256

    134bf73abd898fa7c3f686ada2294b18288cd3542310d9f609867d31cf36e2eb

  • SHA512

    ccd32b03ac68ac7213c39e336f3e1f186bfcaa5210f47a762d96f0c9130ce02a4156f54701faea6c512eeaa33850e96828e9a53c15930d6c999ebcab23e1a29f

  • SSDEEP

    24576:qcFXBjis24E0ykpDOxlEtesuSibHsVS+kVTTQPTBWcys:RD2JKtesQbHd+cT2BWPs

Score
10/10
danabot4bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

4

C2

192.236.161.79:443

192.236.146.39:443

37.220.31.27:443
Attributes
  • embedded_hash

    7FF0AA10AB3BA961670646D23EAE3911

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      134bf73abd898fa7c3f686ada2294b18288cd3542310d9f609867d31cf36e2eb

    • Size

      1.3MB

    • MD5

      06dc71fb0396f27a50200e7c800c56d9

    • SHA1

      52df8d8b3daaaef060616c5ada6039fca1f447e6

    • SHA256

      134bf73abd898fa7c3f686ada2294b18288cd3542310d9f609867d31cf36e2eb

    • SHA512

      ccd32b03ac68ac7213c39e336f3e1f186bfcaa5210f47a762d96f0c9130ce02a4156f54701faea6c512eeaa33850e96828e9a53c15930d6c999ebcab23e1a29f

    • SSDEEP

      24576:qcFXBjis24E0ykpDOxlEtesuSibHsVS+kVTTQPTBWcys:RD2JKtesQbHd+cT2BWPs

    Score
    10/10
    danabot4bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks