Overview

overview

10

Static

static

10

9ff3878d88...43.dll

windows7-x64

10

9ff3878d88...43.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9ff3878d883583356feb7b280a081c43

  • Size

    1.3MB

  • Sample

    240216-krss3afc78

  • MD5

    9ff3878d883583356feb7b280a081c43

  • SHA1

    ccd401e219d92121ca57f97c39425816953cfff8

  • SHA256

    d5b505a65a96a2c1fb96a92e19e6e34101f958b37d28bc3042f163f7b0664237

  • SHA512

    f1d65c095651e6caf85584bb51f9822e9898498667050d95d862c2888acfaa5eae2f20e8f6107c15d27e74cd726d2ca197f492c2f14ce109fb9eb1cda5eb3a4d

  • SSDEEP

    24576:HIhaxE+RNNpL5+pcy7ikMDlQMYkKgVfC2LaqTCvYuGP:omC2hD1kZqTo4P

Score
10/10
danabot4bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

4

C2

142.11.244.124:443

142.11.206.50:443
Attributes
  • embedded_hash

    6AD9FE4F9E491E785665E0D144F61DAB

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      9ff3878d883583356feb7b280a081c43

    • Size

      1.3MB

    • MD5

      9ff3878d883583356feb7b280a081c43

    • SHA1

      ccd401e219d92121ca57f97c39425816953cfff8

    • SHA256

      d5b505a65a96a2c1fb96a92e19e6e34101f958b37d28bc3042f163f7b0664237

    • SHA512

      f1d65c095651e6caf85584bb51f9822e9898498667050d95d862c2888acfaa5eae2f20e8f6107c15d27e74cd726d2ca197f492c2f14ce109fb9eb1cda5eb3a4d

    • SSDEEP

      24576:HIhaxE+RNNpL5+pcy7ikMDlQMYkKgVfC2LaqTCvYuGP:omC2hD1kZqTo4P

    Score
    10/10
    danabot4bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks