Extracted

• • Target

    B6F6C74F86A145460F03AC3A0520D3345FC7FCC1

  • Size

    8.9MB

  • MD5

    e1438c21e6de91615a6a5e2a48f274fc

  • SHA1

    b6f6c74f86a145460f03ac3a0520d3345fc7fcc1

  • SHA256

    9cbaec7eb2c14ecdc39095c2deae0c20cb42e9f28466307c44f5848de49a58ef

  • SHA512

    9be5f304259a2bbc488cde3a9a5cf09b2019a14e32538d79e88e3d1785bce5a3dcfca6702d235d5ec87b4bdf043f3c6a41762ccc2ba6fed8ee63366c0f2e0879

  • SSDEEP

    196608:9n520ZroZkRsj6N+gdC1fcmwz/MIpqPuJS8ErZ/0jCi:9n52eSFjG+aAfcRo4Kz8W0j

  Score

  10^/10

  danabotbankerdiscoverypersistenceprivilege_escalationtrojan

  • Danabot

    Danabot is a modular banking Trojan that has been linked with other malware.

    trojanbankerdanabot

  • Danabot family

    danabot

  • Blocklisted process makes network request

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2