danabot | 504511b22308827894ca20fbd50bbf5dd45345391eb117eace44aacd67c2953f | Triage

Submit
Reports

Overview

overview

Static

static

1

Screenshot...PM.png

windows10-2004-x64

Resubmissions

28/02/2025, 16:11

250228-tna9aa1vbv 1

28/02/2025, 16:04

250228-th4cwaskx3 10

Sharing

General

Target

Screenshot 2025-02-27 7.16.15 PM.png
Size

113KB
Sample

250228-th4cwaskx3
MD5

5c9c2ae01e42fb74dd198e9a9233cb83
SHA1

ab1deda77154ec4067198d1939f084b62daf61f3
SHA256

504511b22308827894ca20fbd50bbf5dd45345391eb117eace44aacd67c2953f
SHA512

7160c5cb3a49b4461907ea8c566fe1519b8005e7cd323550e457e757a418ed096c003fe3f56b80f1584bd8a64909f514642ad6307840ba6b5c2f521711fc3739
SSDEEP

3072:fZV+gCgOdAxKhWDqV2Y4leJqMAnzPXiMwL:8nWDu27lgAzPLm

Score

10^/10

danabot banker botnet discovery trojan

Static task

static1

Behavioral task

behavioral1

Sample

Screenshot 2025-02-27 7.16.15 PM.png

Resource

win10v2004-20250217-en

danabot banker botnet discovery trojan

windows10-2004-x64

22 signatures

150 seconds

Malware Config

Extracted

Family

danabot

C2

51.178.195.151

51.222.39.81

149.255.35.125

38.68.50.179

51.77.7.204

rsa_pubkey.plain

Targets

- Target
  
  Screenshot 2025-02-27 7.16.15 PM.png
- Size
  
  113KB
- MD5
  
  5c9c2ae01e42fb74dd198e9a9233cb83
- SHA1
  
  ab1deda77154ec4067198d1939f084b62daf61f3
- SHA256
  
  504511b22308827894ca20fbd50bbf5dd45345391eb117eace44aacd67c2953f
- SHA512
  
  7160c5cb3a49b4461907ea8c566fe1519b8005e7cd323550e457e757a418ed096c003fe3f56b80f1584bd8a64909f514642ad6307840ba6b5c2f521711fc3739
- SSDEEP
  
  3072:fZV+gCgOdAxKhWDqV2Y4leJqMAnzPXiMwL:8nWDu27lgAzPLm
Score

10^/10

danabot banker botnet discovery trojan
- Danabot
  Danabot is a modular banking Trojan that has been linked with other malware.
  trojan banker danabot
- Danabot family
  danabot
- Danabot x86 payload
  Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
  botnet
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

danabotbankerbotnetdiscoverytrojan

© 2018-2025

Terms | Privacy