danabot | ee67bbba7c125f2a45b79476ff5e41f29b364f2f22c659aa76f44ef17ae3d7d3 | Triage

Submit
Reports

Overview

overview

Static

static

1

sample.html

windows10-2004-x64

Sharing

General

Target

sample
Size

18KB
Sample

240423-qvdq7sgf7y
MD5

83adf2a9493d0711fcfdaa64b040bb6c
SHA1

fe0b6838b520a6fe0d4c0d75275c08d06ae236bd
SHA256

ee67bbba7c125f2a45b79476ff5e41f29b364f2f22c659aa76f44ef17ae3d7d3
SHA512

c09c190494dc72214b418126dec222640f4654168f7c530cdd70b9331acba797cad51250631e8b5dc9675b0717195514acd5f535d39e256447aef99bf16936f6
SSDEEP

384:rCgPDpmReVoOs4Si9ylKeGMVU8HhhbBqbM7rS2LjFrSnT+SVJCBXQL:rHPBVoOs4SmyI1M5BhbEb67FrSnFJQQL

Score

10^/10

danabot banker botnet trojan

Static task

static1

Behavioral task

behavioral1

Sample

sample.html

Resource

win10v2004-20240412-en

danabot banker botnet trojan

windows10-2004-x64

16 signatures

1800 seconds

Malware Config

Extracted

Family

danabot

C2

51.178.195.151

51.222.39.81

149.255.35.125

38.68.50.179

51.77.7.204

rsa_pubkey.plain

Targets

- Target
  
  sample
- Size
  
  18KB
- MD5
  
  83adf2a9493d0711fcfdaa64b040bb6c
- SHA1
  
  fe0b6838b520a6fe0d4c0d75275c08d06ae236bd
- SHA256
  
  ee67bbba7c125f2a45b79476ff5e41f29b364f2f22c659aa76f44ef17ae3d7d3
- SHA512
  
  c09c190494dc72214b418126dec222640f4654168f7c530cdd70b9331acba797cad51250631e8b5dc9675b0717195514acd5f535d39e256447aef99bf16936f6
- SSDEEP
  
  384:rCgPDpmReVoOs4Si9ylKeGMVU8HhhbBqbM7rS2LjFrSnT+SVJCBXQL:rHPBVoOs4SmyI1M5BhbEb67FrSnFJQQL
Score

10^/10

danabot banker botnet trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

danabotbankerbotnettrojan

© 2018-2024

Terms | Privacy