General
-
Target
a2602db74991cc82d39a84ca9459a988_JaffaCakes118
-
Size
1.2MB
-
Sample
240403-v7465sgd58
-
MD5
a2602db74991cc82d39a84ca9459a988
-
SHA1
6465170dde69a1019768f91ca66c2eb70db11e0e
-
SHA256
ebce9843b6f8483818e08e94b5c2ddee05f9ee325a7b7b4fb1bb66a797e97b1c
-
SHA512
a63aead9f430577090255ef3f0bdd03781675bf4c2783a53154f4338e0595c0a67dd96bcd675a46c282444e5662cbd531e0d710beb7487ecc8273a9e56f5f428
-
SSDEEP
24576:aDPPGsLmRUSTuUqbMknnTK/drRsJfeTI+IpbNm7BPAyEHE3wvK9n+nnkDK:OPuUpnTK/drRwfblbNmuyqK
Static task
static1
Behavioral task
behavioral1
Sample
a2602db74991cc82d39a84ca9459a988_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
danabot
4
192.119.110.73:443
192.236.147.159:443
192.210.222.88:443
-
embedded_hash
F4711E27D559B4AEB1A081A1EB0AC465
-
type
loader
Targets
-
-
Target
a2602db74991cc82d39a84ca9459a988_JaffaCakes118
-
Size
1.2MB
-
MD5
a2602db74991cc82d39a84ca9459a988
-
SHA1
6465170dde69a1019768f91ca66c2eb70db11e0e
-
SHA256
ebce9843b6f8483818e08e94b5c2ddee05f9ee325a7b7b4fb1bb66a797e97b1c
-
SHA512
a63aead9f430577090255ef3f0bdd03781675bf4c2783a53154f4338e0595c0a67dd96bcd675a46c282444e5662cbd531e0d710beb7487ecc8273a9e56f5f428
-
SSDEEP
24576:aDPPGsLmRUSTuUqbMknnTK/drRsJfeTI+IpbNm7BPAyEHE3wvK9n+nnkDK:OPuUpnTK/drRwfblbNmuyqK
-
Danabot Loader Component
-
Blocklisted process makes network request
-
Loads dropped DLL
-