General

  • Target

    320fda79d079792c1ac110662bc8f977

  • Size

    1.3MB

  • Sample

    231231-l4pgvahfcj

  • MD5

    320fda79d079792c1ac110662bc8f977

  • SHA1

    b3b6514a38c0d0bc9a159cfca0dec031dcea0387

  • SHA256

    41c07417968f98fa28046d9f63cc4907e2b56dc7586bd57eb7df3b174d9c81e3

  • SHA512

    7791916d285954afffe456e9960d23753a9bbc4749c200355e2b24ddd0de0c899845dd46b0dc4869e645e4c7167d9378cfbe3e9430f34855a768ddd179a07139

  • SSDEEP

    24576:L8pWEmDXswcrLEEcQ1fObM5HqTgNmsBdxTWnrO:QtSzeTBdxTq

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

4

C2

23.229.29.48:443

5.9.224.204:443

192.210.222.81:443

Attributes
  • embedded_hash

    0E1A7A1479C37094441FA911262B322A

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Blocklisted process makes network request
