General

  • Target

    40c52467bf8d498432a74b03ee61d1fd

  • Size

    1.3MB

  • Sample

    240104-nt9q5sefhl

  • MD5

    40c52467bf8d498432a74b03ee61d1fd

  • SHA1

    9b35f4894ee98e24ebf60f5ab4fac32dfe8e3fd9

  • SHA256

    4015f5872b03b7b4c871fa416063236b27d82539493d0fc6926729975490ba7b

  • SHA512

    55f4edb10bd969376c2e0822c235a6cf29a3271faa41e5cb3bb2ddb734737631688244be6bc483dcf74cb5570b67352c36e4bf84dee15b10e460b55b6b48140f

  • SSDEEP

    24576:rcF2ewKiUPzP/iczKo1nkYx+WtGdzTxDs/UD5:w3NOQ+FzTe

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

4

C2

23.229.29.48:443

5.9.224.204:443

Attributes
  • embedded_hash

    0E1A7A1479C37094441FA911262B322A

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      40c52467bf8d498432a74b03ee61d1fd

    • Size

      1.3MB

    • MD5

      40c52467bf8d498432a74b03ee61d1fd

    • SHA1

      9b35f4894ee98e24ebf60f5ab4fac32dfe8e3fd9

    • SHA256

      4015f5872b03b7b4c871fa416063236b27d82539493d0fc6926729975490ba7b

    • SHA512

      55f4edb10bd969376c2e0822c235a6cf29a3271faa41e5cb3bb2ddb734737631688244be6bc483dcf74cb5570b67352c36e4bf84dee15b10e460b55b6b48140f

    • SSDEEP

      24576:rcF2ewKiUPzP/iczKo1nkYx+WtGdzTxDs/UD5:w3NOQ+FzTe

    Score
    10/10
    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Danabot Loader Component

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks