New DanaBot Banking Malware Attack with Stealer and Remote Access [source: gbhackers]
by CIRT Team
New Banking malware called “DanaBot” actively attacking various counties organization with sophisticated evasion technique and act as a Stealer and ability to gain remote access from targeted victims machine.
DanaBot content some evasion technique such as extensive anti-analysis features and targeting various countries including Poland, Italy, Germany, and Austria, Australia and mainly targeting organization in the U.S.
DanaBot is a banking malware written in the Delphi programming language and also it has some junk codes with extra instructions, conditional statements, and loops.
In order to make difficult to analyze the code by analyst and automatic tools, it uses Windows API function hashing and encrypted strings.
Also this malware under active development and keep adding new futures, geographic expansion and add other new malicious activities.
For more, click here.