danabot | 88f4db6b96e03fbf20a489fac30fd6d2e4589ecb1bf919f976c0051cc01225a1 | Triage

Submit
Reports

Overview

overview

Static

static

536faf3a04...59.dll

windows7-x64

536faf3a04...59.dll

windows10-2004-x64

Sharing

General

Target

536faf3a04724480c6a1ae3d4411b059
Size

1.3MB
Sample

240111-ny3tdsfcbj
MD5

536faf3a04724480c6a1ae3d4411b059
SHA1

2810157090ed09f73b5b65ebc885e291c4fe4b30
SHA256

88f4db6b96e03fbf20a489fac30fd6d2e4589ecb1bf919f976c0051cc01225a1
SHA512

cfff467e18f4d94da8bf54e0f9e78bca330d691b1a0525b934367570985dd34dc9453446896c209fa21813c54089cee540f17b087f8ce008ff9193175852e5aa
SSDEEP

24576:I8pWEmJcOdlZn8bBx3wFmLUDD+Dp602UTxIe:bqd0K2NbT6

Score

10^/10

danabot 5 banker trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

536faf3a04724480c6a1ae3d4411b059.dll

Resource

win7-20231215-en

danabot 5 banker trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

536faf3a04724480c6a1ae3d4411b059.dll

Resource

win10v2004-20231215-en

danabot 5 banker trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Botnet

5

C2

192.210.222.81:443

23.229.29.48:443

192.255.166.212:443

Attributes

embedded_hash
100700D372965A717E89B8C909E1D8D4
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  536faf3a04724480c6a1ae3d4411b059
- Size
  
  1.3MB
- MD5
  
  536faf3a04724480c6a1ae3d4411b059
- SHA1
  
  2810157090ed09f73b5b65ebc885e291c4fe4b30
- SHA256
  
  88f4db6b96e03fbf20a489fac30fd6d2e4589ecb1bf919f976c0051cc01225a1
- SHA512
  
  cfff467e18f4d94da8bf54e0f9e78bca330d691b1a0525b934367570985dd34dc9453446896c209fa21813c54089cee540f17b087f8ce008ff9193175852e5aa
- SSDEEP
  
  24576:I8pWEmJcOdlZn8bBx3wFmLUDD+Dp602UTxIe:bqd0K2NbT6
Score

10^/10

danabot 5 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot5bankertrojan

behavioral2

danabot5bankertrojan

© 2018-2024

Terms | Privacy