New DanaBot Banking Malware Attack with Stealer and Remote Access [source: gbhackers]
New Banking malware called “DanaBot” actively attacking various counties organization with sophisticated evasion technique and act as a Stealer and ability to gain remote access from targeted victims machine.
DanaBot content some evasion technique such as extensive anti-analysis features and targeting various countries including Poland, Italy, Germany, and Austria, Australia and mainly targeting organization in the U.S.
DanaBot is a banking malware written in the Delphi programming language and also it has some junk codes with extra instructions, conditional statements, and loops.
In order to make difficult to analyze the code by analyst and automatic tools, it uses Windows API function hashing and encrypted strings.
Also this malware under active development and keep adding new futures, geographic expansion and add other new malicious activities.
For more, click here.
Recommended Posts
Lazarus supply‑chain attack in South Korea [welivesecurity]
22 Nov 2020 - CIRT In Media, News Clipping
BlockThreat – Week 26, 2020
08 Jul 2020 - News Clipping