New DanaBot Banking Malware Attack with Stealer and Remote Access [source: gbhackers]

by CIRT Team

New Banking malware called “DanaBot” actively attacking various counties organization with sophisticated evasion technique and act as a Stealer and ability to gain remote access from targeted victims machine.

DanaBot content some evasion technique such as extensive anti-analysis features and targeting various countries including Poland, Italy, Germany, and Austria, Australia and mainly targeting organization in the U.S.

DanaBot is a banking malware written in the Delphi programming language and also it has some junk codes with extra instructions, conditional statements, and loops.

In order to make difficult to analyze the code by analyst and automatic tools, it uses  Windows API function hashing and encrypted strings.

Also this malware under active development and keep adding new futures, geographic expansion and add other new malicious activities.

For more, click here.

CIRT Team

Recommended Posts

Training on cybersecurity awareness for Department of Women Affairs

25 Nov 2023 - Articles, English articles, News, News Clipping, Service

BGD e-GOV CIRT এর আয়োজনে আয়োজনে আর্থিক প্রতিষ্ঠান ও CII সমূহের সাইবার ড্রিল ২০২৩ চূড়ান্ত পর্ব অনুষ্ঠিত

22 Oct 2023 - Articles, Bangla Articles, CIRT In Media, News, News Clipping

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes

25 Oct 2022 - News, News Clipping