Overview

overview

10

Static

static

10

dfc2fc8338...0e.dll

windows7-x64

10

dfc2fc8338...0e.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    dfc2fc8338d770adcedd4bd47d721e0e

  • Size

    1.3MB

  • Sample

    240326-whythabb21

  • MD5

    dfc2fc8338d770adcedd4bd47d721e0e

  • SHA1

    d982231f8a1b2fdaadbb8dad48f1fb0dfd26e10d

  • SHA256

    55cd006fcf41b6aed545662f0d097cfa3795a5efc5114abad50393aa83e969e5

  • SHA512

    cca75d8ecb790ae94448103c4256240b8c4ef83703ce61673a553514719a8a59b99688f70e185d37978a235ec8eced97d6887e7970536671fd8bf3ebe5e5da8a

  • SSDEEP

    24576:L8pWEmDXswcrLEEcQ1fObM5HqTgNmsBdXTWnrO:QtSzeTBdXTq

Score
10/10
danabot4bankertrojan

Malware Config

Extracted

Family

danabot

Botnet

4

C2

23.229.29.48:443

5.9.224.204:443

192.210.222.81:443
Attributes
  • embedded_hash

    0E1A7A1479C37094441FA911262B322A

  • type

    loader

rsa_pubkey.plain
rsa_privkey.plain

Targets

    • Target

      dfc2fc8338d770adcedd4bd47d721e0e

    • Size

      1.3MB

    • MD5

      dfc2fc8338d770adcedd4bd47d721e0e

    • SHA1

      d982231f8a1b2fdaadbb8dad48f1fb0dfd26e10d

    • SHA256

      55cd006fcf41b6aed545662f0d097cfa3795a5efc5114abad50393aa83e969e5

    • SHA512

      cca75d8ecb790ae94448103c4256240b8c4ef83703ce61673a553514719a8a59b99688f70e185d37978a235ec8eced97d6887e7970536671fd8bf3ebe5e5da8a

    • SSDEEP

      24576:L8pWEmDXswcrLEEcQ1fObM5HqTgNmsBdXTWnrO:QtSzeTBdXTq

    Score
    10/10
    danabot4bankertrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks