MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 014cbdc259ef1fde1a1e27b064eebcfa8344075d591dad1ab56888df71a13a89. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


DanaBot


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 014cbdc259ef1fde1a1e27b064eebcfa8344075d591dad1ab56888df71a13a89
SHA3-384 hash: 409cc916f2555474da1fd7d360e163f2c9f51e20012dc55315ea3ddbb2749d3b8cb789bcc83b7ea4b9e01b6d129dee80
SHA1 hash: 928f0cde4c8d935e181aa9b1990d72cbe58fd6eb
MD5 hash: 00b24dcb1665fc7c6e67e51ed80d660f
humanhash: finch-hotel-jupiter-utah
File name:00b24dcb1665fc7c6e67e51ed80d660f.exe
Download: download sample
Signature DanaBot
Create hunting rule
File size:1'075'712 bytes
First seen:2020-05-02 10:32:17 UTC
Last seen:2020-05-02 12:00:28 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash cfae1388aa40a45341161bd352c242ae (1 x DanaBot)
ssdeep 24576:9QurI9Kqgrkv7yNS9QgPB5zbuawcXQhgKF:9QAI9KfQyEQq2O2XF
Threatray 55 similar samples on MalwareBazaar
TLSH E735122237D0CDF6F1625E306952C6A49AEBBC265E25558FCB84672F0E370E087ED346
Reporter abuse_ch
Tags:DanaBot exe

Intelligence

File Origin
# of uploads :
2
# of downloads :
789
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.BehavesLike.Win32.Generic.tc.2304.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Danabot
Create hunting rule
Status:
Malicious
First seen:
2020-05-02 10:35:38 UTC
File Type:
PE (Exe)
Extracted files:
54
AV detection:
25 of 31 (80.65%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=afgl3qsz54p54gq6e6ygj3v47kbuib25leo22gvvncen64nbhkeq._file
Verdict:
malicious
Similar samples:
013ed964d37e80ee700dd98ba83bc25692ee92b4895b92eed17c4ef5359432f8
DanaBot
3168462b40b11698b32fa1f90b8d684cba056ff88837ad67efad1d203641deec
DanaBot
34fea5456bb0c7351da3e67c7bcc8f58bcb70ac5b7d9d70e1204a5f4556958c4
DanaBot
4ca951e9d3fcc4196ad777f1f908cf2857e6ed55a7d72d7b0f6636a6b522fe7e
DanaBot
6548bb28396f639c2aef92957b6858d369c7626a881f000d089646811075955f
DanaBot
69e0603bc5aabcf9ed60c2ed34e96b5464fc13c89585fb7478aa053aed3f0138
DanaBot
a7a764414712bf2cc09bebe1b8e7dd257fbe7242c4fc103dd7f5876391af0337
DanaBot
ba060accb7e8c43b290f35cfd229954de469309d5f289c9ba5f60a95510c914d
DanaBot
cbeaf4b12d6ee7771977a0d287da80ed0d7861b68ba44664aa9e4c27d11c79ce
DanaBot
d46fdde4c0b259e0c6301ce8a1c94c5bcfd15f4c277cd6b61e33cb5a9e2629e9
DanaBot
+ 45 additional samples on MalwareBazaar
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

DanaBot

Executable exe 014cbdc259ef1fde1a1e27b064eebcfa8344075d591dad1ab56888df71a13a89

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/354587/
  
Delivery method
Distributed via web download

Comments