danabot | 9de78011f776d2f3c963c6c3f77bc7af98ac51b4dbd11350850a8416bf767c36 | Triage

Sharing

General

Target

meitneriumatm.dll
Size

7.7MB
Sample

250228-he1xssvkt4
MD5

043dae1b817ae561da9d6654b6354696
SHA1

a9f62f9ca8faa6023c4ef755d3b1f5aed2914516
SHA256

9de78011f776d2f3c963c6c3f77bc7af98ac51b4dbd11350850a8416bf767c36
SHA512

b7b44df89e93de8f31a35a22ed7b2d292cbad83ef564281af8e50aedade2f3ed4560b1e2ee9d91a5f1b270c407eafbef0f983895f8ed6651428ec5fe7389198e
SSDEEP

196608:H1HUS2bBcMYpFirD1s+KHONOXNAEbbTNk3S:HFUSw3o4lstuY9/

Score

10^/10

danabot banker discovery trojan

Malware Config

Extracted

Family

danabot

Attributes

embedded_hash
5059953BB045843A520147F73664DC78
type
loader

Targets

- Target
  
  meitneriumatm.dll
- Size
  
  7.7MB
- MD5
  
  043dae1b817ae561da9d6654b6354696
- SHA1
  
  a9f62f9ca8faa6023c4ef755d3b1f5aed2914516
- SHA256
  
  9de78011f776d2f3c963c6c3f77bc7af98ac51b4dbd11350850a8416bf767c36
- SHA512
  
  b7b44df89e93de8f31a35a22ed7b2d292cbad83ef564281af8e50aedade2f3ed4560b1e2ee9d91a5f1b270c407eafbef0f983895f8ed6651428ec5fe7389198e
- SSDEEP
  
  196608:H1HUS2bBcMYpFirD1s+KHONOXNAEbbTNk3S:HFUSw3o4lstuY9/
Score

10^/10

danabot banker discovery trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot family
  danabot
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotbankerdiscoverytrojan

behavioral2

danabotbankerdiscoverytrojan