Overview

overview

10

Static

static

10

1444150d85...b0.dll

windows7-x64

10

1444150d85...b0.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1444150d8533f4f4af1828e62cbec1b0

  • Size

    1.3MB

  • Sample

    231230-k8xtcafhcm

  • MD5

    1444150d8533f4f4af1828e62cbec1b0

  • SHA1

    f1b4c7385a94ed689105d093f5478ca3163dbb1c

  • SHA256

    b4e8d67564e930306b55bcd4b5b33993690ac29bd60a1df19d459294cf4416bd

  • SHA512

    2fbcf056f9fb25e5e3b28563cf9e09fcef1c75b2ec477f5cf522ac8cdfa852db1879f2b023f82e2ff0f268c3e39c8af3804497854d12f914d94843c2285ed013

  • SSDEEP

    24576:hncFdfWiCRbBa5/Z+CFLXLC4FnQYsY2FmD11lvTqcnuU:mDnVnsY2uvTr

Score
10/10
danabot5bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

5

C2

192.210.222.81:443

23.229.29.48:443

5.9.224.204:443

192.255.166.212:443
Attributes
  • embedded_hash

    100700D372965A717E89B8C909E1D8D4

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      1444150d8533f4f4af1828e62cbec1b0

    • Size

      1.3MB

    • MD5

      1444150d8533f4f4af1828e62cbec1b0

    • SHA1

      f1b4c7385a94ed689105d093f5478ca3163dbb1c

    • SHA256

      b4e8d67564e930306b55bcd4b5b33993690ac29bd60a1df19d459294cf4416bd

    • SHA512

      2fbcf056f9fb25e5e3b28563cf9e09fcef1c75b2ec477f5cf522ac8cdfa852db1879f2b023f82e2ff0f268c3e39c8af3804497854d12f914d94843c2285ed013

    • SSDEEP

      24576:hncFdfWiCRbBa5/Z+CFLXLC4FnQYsY2FmD11lvTqcnuU:mDnVnsY2uvTr

    Score
    10/10
    danabot5bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks