Bank_Security

DanaBot updated with new C&C communication

Feb 8th, 2019
Indicators of Compromise (IoCs)

C&C servers used by the new version of DanaBot

Webinject and redirect servers
47.74.249[.]106
95.179.227[.]160
185.158.249[.]144

Example hashes
Note that since new builds of DanaBot’s components are released regularly, we provide just a sampling of hashes.

Component                     SHA-1                                     ESET detection name
Dropper                       98C70361EA611BA33EE3A79816A88B2500ED7844  Win32/TrojanDropper.Danabot.O
Loader (x86), campaign ID=3   0DF17562844B7A0A0170C9830921C3442D59C73C  Win32/Spy.Danabot.L
Loader (x64), campaign ID=3   B816E90E9B71C85539EA3BB897E4F234A0422F85  Win64/Spy.Danabot.G
Loader (x86), campaign ID=9   5F085B19657D2511A89F3172B7887CE29FC70792  Win32/Spy.Danabot.I
Loader (x64), campaign ID=9   4075375A08273E65C223116ECD2CEF903BA97B1E  Win64/Spy.Danabot.F
Main module (x86)             28139782562B0E4CAB7F7885ECA75DFCA5E1D570  Win32/Spy.Danabot.K
Main module (x64)             B1FF7285B49F36FE8D65E7B896FCCDB1618EAA4B  Win64/Spy.Danabot.C

Plugins

Plugin                        SHA-1                                     ESET detection name
RDPWrap                       890B5473B419057F89802E0B6DA011B315F3EF94  Win32/Spy.Danabot.H
Stealer (x86)                 E50A03D12DDAC6EA626718286650B9BB858B2E69  Win32/Spy.Danabot.C
Stealer (x64)                 9B0EC454401023DF6D3D4903735301BA669AADD1  Win64/Spy.Danabot.E
Sniffer                       DBFD8553C66275694FC4B32F9DF16ADEA74145E6  Win32/Spy.Danabot.B
VNC                           E0880DCFCB1724790DFEB7DFE01A5D54B33D80B6  Win32/Spy.Danabot.D
TOR                           73A5B0BEE8C9FB4703A206608ED277A06AA1E384  Win32/Spy.Danabot.G