General
-
Target
c9aa90525dae9738fdd2e72d15fa7533_JaffaCakes118
-
Size
1.2MB
-
Sample
240405-d4mz1sbg25
-
MD5
c9aa90525dae9738fdd2e72d15fa7533
-
SHA1
0341e47456e2b1f6e59f6e82de18a23d810d6eb1
-
SHA256
4a22c0f9ba13ab18950c865a0d164a9840359712c76501e5f64f54e740441a79
-
SHA512
05d89d748bdce04dec6b2297da6837fe119369a21a4c82092e67c624d6581215cdd0585c5b92d7026609a1deda38708c5a49fc13dbed905d38d3f2a718853a84
-
SSDEEP
24576:8OyyUMxRHOsOWrGiahHi1FQoCdES1othxjl7Y0Art1v4:8OMMxtOs3SHhi3R8ESixjl7Yh
Static task
static1
Behavioral task
behavioral1
Sample
c9aa90525dae9738fdd2e72d15fa7533_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
danabot
4
192.119.110.73:443
142.11.242.31:443
192.210.222.88:443
-
embedded_hash
F4711E27D559B4AEB1A081A1EB0AC465
-
type
loader
Targets
-
-
Target
c9aa90525dae9738fdd2e72d15fa7533_JaffaCakes118
-
Size
1.2MB
-
MD5
c9aa90525dae9738fdd2e72d15fa7533
-
SHA1
0341e47456e2b1f6e59f6e82de18a23d810d6eb1
-
SHA256
4a22c0f9ba13ab18950c865a0d164a9840359712c76501e5f64f54e740441a79
-
SHA512
05d89d748bdce04dec6b2297da6837fe119369a21a4c82092e67c624d6581215cdd0585c5b92d7026609a1deda38708c5a49fc13dbed905d38d3f2a718853a84
-
SSDEEP
24576:8OyyUMxRHOsOWrGiahHi1FQoCdES1othxjl7Y0Art1v4:8OMMxtOs3SHhi3R8ESixjl7Yh
-
Danabot Loader Component
-
Blocklisted process makes network request
-
Loads dropped DLL
-