General

  • Target

    meitneriumatm.dll

  • Size

    7.7MB

  • Sample

    250228-he1xssvkt4

  • MD5

    043dae1b817ae561da9d6654b6354696

  • SHA1

    a9f62f9ca8faa6023c4ef755d3b1f5aed2914516

  • SHA256

    9de78011f776d2f3c963c6c3f77bc7af98ac51b4dbd11350850a8416bf767c36

  • SHA512

    b7b44df89e93de8f31a35a22ed7b2d292cbad83ef564281af8e50aedade2f3ed4560b1e2ee9d91a5f1b270c407eafbef0f983895f8ed6651428ec5fe7389198e

  • SSDEEP

    196608:H1HUS2bBcMYpFirD1s+KHONOXNAEbbTNk3S:HFUSw3o4lstuY9/

Malware Config

Extracted

Family

danabot

Attributes
  • embedded_hash

    5059953BB045843A520147F73664DC78

  • type

    loader

Targets

    • Target

      meitneriumatm.dll

    • Size

      7.7MB

    • MD5

      043dae1b817ae561da9d6654b6354696

    • SHA1

      a9f62f9ca8faa6023c4ef755d3b1f5aed2914516

    • SHA256

      9de78011f776d2f3c963c6c3f77bc7af98ac51b4dbd11350850a8416bf767c36

    • SHA512

      b7b44df89e93de8f31a35a22ed7b2d292cbad83ef564281af8e50aedade2f3ed4560b1e2ee9d91a5f1b270c407eafbef0f983895f8ed6651428ec5fe7389198e

    • SSDEEP

      196608:H1HUS2bBcMYpFirD1s+KHONOXNAEbbTNk3S:HFUSw3o4lstuY9/

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Danabot family

    • Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks