DanaDetector

DanaDetector is a free tool that can detect DanaBot infections and identify the malware's artifacts including:

Executable filename
DLL filename
TMP filename
Persistence
- Registry value name
- Services name
- Scheduled task name
Window information
- Title name
- Class name

Compatibility

DanaDetector is compatible with Windows 7 through Windows 11 and supports recent versions of DanaBot.

Usage

Usage: DanaDetector.exe v0.1 [options]
        -d    --debug                Debug mode.
        -h    --help                 Show help and exit.

Clean System Demo

Active Infection Demo

Reference Blog

More details about DanaDetector and DanaBot can be found here: https://www.zscaler.com/blogs/security-research/operation-endgame-2-0-danabusted

Example DanaBot Samples

SHA256	Description
2f8e0fc38eaf08a69653f40867dcd4cc951a10cd92b8168898b9aa45ba18a5c8	DanaBot main module
871862d1117fd7d2df907406a3ce08555196800b0ef9901dd4c46f82b728263d	DanaBot main module

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
assets		assets
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

DanaDetector

Compatibility

Usage

Clean System Demo

Active Infection Demo

Reference Blog

Example DanaBot Samples

About

Uh oh!

Releases 1

Packages

License

ThreatLabz/danadetector

Folders and files

Latest commit

History

Repository files navigation

DanaDetector

Compatibility

Usage

Clean System Demo

Active Infection Demo

Reference Blog

Example DanaBot Samples

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases 1

Packages 0

Packages