danabot | 9329c623ff64360ce5e887f27e050ff9c73537aca97761da60fd9ded70e9a8c4 | Triage

Submit
Reports

Overview

overview

Static

static

3

fecbacfbd7...18.exe

windows7-x64

fecbacfbd7...18.exe

windows10-2004-x64

Sharing

General

Target

fecbacfbd7c6c9637a5c9bdc5101b92c_JaffaCakes118
Size

1.1MB
Sample

240421-jm1sfaeg6z
MD5

fecbacfbd7c6c9637a5c9bdc5101b92c
SHA1

edd422674fb34b625753bf24bebecf052ec175ca
SHA256

9329c623ff64360ce5e887f27e050ff9c73537aca97761da60fd9ded70e9a8c4
SHA512

cb1ca2afc808b6e7ce83eb5017d2ac173334baafabe5e7e27f6cde697b30a50bd5bd88424a05e7a867eb015737b7bd04ef8ab4e0de2134c1cab734cda4ff212f
SSDEEP

24576:RDPvuiFY3TVoqQ1fone333t1sJvOEuTH3uVRnknDr5BPA:BXuiFY3TM80dmbuTH3uOn5BI

Score

10^/10

danabot 4 banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fecbacfbd7c6c9637a5c9bdc5101b92c_JaffaCakes118.exe

Resource

win7-20240221-en

danabot 4 banker trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

fecbacfbd7c6c9637a5c9bdc5101b92c_JaffaCakes118.exe

Resource

win10v2004-20240412-en

danabot 4 banker trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

danabot

Botnet

4

C2

142.11.244.124:443

142.11.206.50:443

Attributes

embedded_hash
6AD9FE4F9E491E785665E0D144F61DAB
type
loader

rsa_pubkey.plain

rsa_privkey.plain

Targets

- Target
  
  fecbacfbd7c6c9637a5c9bdc5101b92c_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  fecbacfbd7c6c9637a5c9bdc5101b92c
- SHA1
  
  edd422674fb34b625753bf24bebecf052ec175ca
- SHA256
  
  9329c623ff64360ce5e887f27e050ff9c73537aca97761da60fd9ded70e9a8c4
- SHA512
  
  cb1ca2afc808b6e7ce83eb5017d2ac173334baafabe5e7e27f6cde697b30a50bd5bd88424a05e7a867eb015737b7bd04ef8ab4e0de2134c1cab734cda4ff212f
- SSDEEP
  
  24576:RDPvuiFY3TVoqQ1fone333t1sJvOEuTH3uVRnknDr5BPA:BXuiFY3TM80dmbuTH3uOn5BI
Score

10^/10

danabot 4 banker trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot Loader Component
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

danabot4bankertrojan

behavioral2

danabot4bankertrojan

© 2018-2024

Terms | Privacy