General

  • Target

    a7d32bdbb4d6f252707a1a16e14148a51959bc6bc68a2719742337f8a52ff179

  • Size

    1.1MB

  • Sample

    240226-12cgtshe36

  • MD5

    5052b6c32e76ca2c3b5e9226c4bf7466

  • SHA1

    5b9ef788683885cfb12f7f7606a97a0902804eb6

  • SHA256

    a7d32bdbb4d6f252707a1a16e14148a51959bc6bc68a2719742337f8a52ff179

  • SHA512

    5fd76b72a1bbc32fd3fe0287d84e5fa5eeed7b6afc329db250ab076716a8e2dbbcdf588a80e2bf1f5c30f4e9013914a60c9e18791cf8e08629fa256834ccd826

  • SSDEEP

    12288:R70yQ1kTq0Ax8ObckR/IQ2Q50dV42pzUUSm1CrhrSR9sSQxsQZS6lu3ApW9nSkjB:KYTtAxBck7Za5D1Cr9SbsBrS6MBbjyE

Score
10/10

Malware Config

Extracted

Family

danabot

Botnet

5

C2

103.144.139.105:443

192.236.161.4:443

185.62.58.85:443

23.254.217.192:443

Attributes
  • embedded_hash

    FCEC7AD71028CF938951341A0D9CC1A6

  • type

    loader

Targets

    • Target

      a7d32bdbb4d6f252707a1a16e14148a51959bc6bc68a2719742337f8a52ff179

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Blocklisted process makes network request
