donot_downloader | 59b4702cd0c51c54e7872bd2d0db8015102f555d8a55779e6a9a08f42ae38c08 | Triage

Submit
Reports

Overview

overview

Static

static

1

8702385f0a...18.rtf

windows7-x64

8702385f0a...18.rtf

windows10-2004-x64

1

Sharing

General

Target

8702385f0a64bf1aa8e202430692a9e6_JaffaCakes118
Size

3.3MB
Sample

240531-pn7v2agh61
MD5

8702385f0a64bf1aa8e202430692a9e6
SHA1

758541f9d90a87b9f97bbc6c2c7d65e9d4ebf1cf
SHA256

59b4702cd0c51c54e7872bd2d0db8015102f555d8a55779e6a9a08f42ae38c08
SHA512

9ff0553cccacb98269478df8ef65506da64b10ab5b16830f3c03f3c2f0796a5b6ca769154ba0f5e92dc16167586834737fcedf75355f2c5cea3c54535542844f
SSDEEP

24576:XVXHwimMpe3zZ9If2qHTS+qloJVtJZapoTPmeh+LIxE4Cg2MZfkhTJ73Wd:t

Score

10^/10

donot_downloader rat

Static task

static1

Behavioral task

behavioral1

Sample

8702385f0a64bf1aa8e202430692a9e6_JaffaCakes118.rtf

Resource

win7-20240508-en

donot_downloader rat

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

8702385f0a64bf1aa8e202430692a9e6_JaffaCakes118.rtf

Resource

win10v2004-20240426-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  8702385f0a64bf1aa8e202430692a9e6_JaffaCakes118
- Size
  
  3.3MB
- MD5
  
  8702385f0a64bf1aa8e202430692a9e6
- SHA1
  
  758541f9d90a87b9f97bbc6c2c7d65e9d4ebf1cf
- SHA256
  
  59b4702cd0c51c54e7872bd2d0db8015102f555d8a55779e6a9a08f42ae38c08
- SHA512
  
  9ff0553cccacb98269478df8ef65506da64b10ab5b16830f3c03f3c2f0796a5b6ca769154ba0f5e92dc16167586834737fcedf75355f2c5cea3c54535542844f
- SSDEEP
  
  24576:XVXHwimMpe3zZ9If2qHTS+qloJVtJZapoTPmeh+LIxE4Cg2MZfkhTJ73Wd:t
Score

10^/10

donot_downloader rat
- Donot APT Downloader
  A downloader used by Donot APT group to download further modules.
  rat donot_downloader
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

donot_downloaderrat

behavioral2

© 2018-2025

Terms | Privacy