danabot

General

Target

0388e550fac225c641734d44a87face6ead134708c1a9c5ae2419f1f05737d4dN.exe
Size

616KB
Sample

241220-haw32ssqgk
MD5

6ec42c84727eb27e2c3b6e3fb069b080
SHA1

7cdae925c202f1729a43e05254f6000d179e9dd5
SHA256

0388e550fac225c641734d44a87face6ead134708c1a9c5ae2419f1f05737d4d
SHA512

b780e6180f697171d16e4cd282e1b97352f6460a11f15c3d7a961b94e0fbc0ef52f5c1f5092f0db6d6ffc15f155f71203ea0216ec332fc06457fd73ac9109620
SSDEEP

12288:F0IxnPCkOQ+0YtBIswp33fxtllq1fqy8MoZvOCAXAcfpXah:FPCkOjPtTq35I1o7ZvMXAcfpX2

Score

10^/10

Malware Config

Extracted

Family

danabot

C2

54.60.77.202

21.128.50.46

81.176.152.14

141.224.254.110

149.154.159.213

234.106.156.3

219.100.253.155

195.123.220.45

159.52.151.187

27.183.136.28

rsa_pubkey.plain

Targets

- Target
  
  0388e550fac225c641734d44a87face6ead134708c1a9c5ae2419f1f05737d4dN.exe
- Size
  
  616KB
- MD5
  
  6ec42c84727eb27e2c3b6e3fb069b080
- SHA1
  
  7cdae925c202f1729a43e05254f6000d179e9dd5
- SHA256
  
  0388e550fac225c641734d44a87face6ead134708c1a9c5ae2419f1f05737d4d
- SHA512
  
  b780e6180f697171d16e4cd282e1b97352f6460a11f15c3d7a961b94e0fbc0ef52f5c1f5092f0db6d6ffc15f155f71203ea0216ec332fc06457fd73ac9109620
- SSDEEP
  
  12288:F0IxnPCkOQ+0YtBIswp33fxtllq1fqy8MoZvOCAXAcfpXah:FPCkOjPtTq35I1o7ZvMXAcfpX2
Score

10^/10

danabot banker discovery trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot family
  danabot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Danabot family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2