General
-
Target
9d339825328857540e894fa33147b253_JaffaCakes118
-
Size
1.3MB
-
Sample
240403-cl33vach6s
-
MD5
9d339825328857540e894fa33147b253
-
SHA1
0d1230e30d2909c6c409256e7dc4c8f440b291d2
-
SHA256
6249739ca3944098c705aa7b5d0663cdce6c4404adb5f33af8390e13a314a4df
-
SHA512
000855a93b4c95a7922ca8da2f71ff2a4a052ca6a57222512740560f9de1f88dd215739d78baafb7e753c505d1b87b0053e06d107617c0a3904d22bedb06daa4
-
SSDEEP
24576:J8pWEmF1lNHBRQ9qjYwebGbmo9Azru5Pz5GKGTzyswyL:KVweCsgzkTTm+L
Behavioral task
behavioral1
Sample
9d339825328857540e894fa33147b253_JaffaCakes118.dll
Resource
win7-20231129-en
Malware Config
Extracted
danabot
4
192.119.110.73:443
192.236.147.159:443
192.210.222.88:443
-
embedded_hash
F4711E27D559B4AEB1A081A1EB0AC465
-
type
loader
Targets
-
-
Target
9d339825328857540e894fa33147b253_JaffaCakes118
-
Size
1.3MB
-
MD5
9d339825328857540e894fa33147b253
-
SHA1
0d1230e30d2909c6c409256e7dc4c8f440b291d2
-
SHA256
6249739ca3944098c705aa7b5d0663cdce6c4404adb5f33af8390e13a314a4df
-
SHA512
000855a93b4c95a7922ca8da2f71ff2a4a052ca6a57222512740560f9de1f88dd215739d78baafb7e753c505d1b87b0053e06d107617c0a3904d22bedb06daa4
-
SSDEEP
24576:J8pWEmF1lNHBRQ9qjYwebGbmo9Azru5Pz5GKGTzyswyL:KVweCsgzkTTm+L
-
Danabot Loader Component
-
Blocklisted process makes network request
-