Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

danabot_sample.exe

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    danabot_sample.exe

  • Size

    948KB

  • Sample

    240329-pmkn4shc98

  • MD5

    72fa468dd1c931ad5eafd8423d76639d

  • SHA1

    db9de9890ac62eb8896133ab1dde66d01b3cee2d

  • SHA256

    9a4e68d142593c0b68ce959f4c34bbdf477d67096eaa6db92b1577270e63c122

  • SHA512

    bc3ec5c56f6253b1842e838067250aa1c3efc6ff58d1fadf1b1cd53d488fe5e11a426abc64dfc537915cd62da07f4a3e08bb31a6682eb5d2987b46ba82a34a2a

  • SSDEEP

    24576:2PwCztr2dnOG8d3bS4ID4TpwkzXCD4D2ofZskmgPr:dCzIhWpIvkLCD2f1mgP

Score
10/10
danabotbankerbotnettrojan

Malware Config

Extracted

Family

danabot

C2

5.61.58.130

2.56.213.39

5.61.56.192
rsa_pubkey.plain

Targets

    • Target

      danabot_sample.exe

    • Size

      948KB

    • MD5

      72fa468dd1c931ad5eafd8423d76639d

    • SHA1

      db9de9890ac62eb8896133ab1dde66d01b3cee2d

    • SHA256

      9a4e68d142593c0b68ce959f4c34bbdf477d67096eaa6db92b1577270e63c122

    • SHA512

      bc3ec5c56f6253b1842e838067250aa1c3efc6ff58d1fadf1b1cd53d488fe5e11a426abc64dfc537915cd62da07f4a3e08bb31a6682eb5d2987b46ba82a34a2a

    • SSDEEP

      24576:2PwCztr2dnOG8d3bS4ID4TpwkzXCD4D2ofZskmgPr:dCzIhWpIvkLCD2f1mgP

    Score
    10/10
    danabotbankerbotnettrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Danabot x86 payload

      Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

      botnet

    • Blocklisted process makes network request

    • Loads dropped DLL

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks