Extracted

• • Target

    5c7d93ea976f1f84ac8bef6e6065deca_JaffaCakes118

  • Size

    2.3MB

  • MD5

    5c7d93ea976f1f84ac8bef6e6065deca

  • SHA1

    22f9a5f7e38ac207f21287fa63f371a255a68c83

  • SHA256

    76d9f06d6861a5fa03c02ca11c643684f51ba3372666b2f1541578f09c1d6d85

  • SHA512

    0a64b6d8a6c87e0ea11c56b3542b229e97a4ffa6450a26456faa1b025a7ef5164f1b21bfceab04e5e480f893657c2bd65d6e1b6180f12b123783e1b19e0727b7

  • SSDEEP

    49152:SgJyYd1z3uq8TsAO0Q3Lkxp8yzR0WdsIQP8hK6jEjZIBbKO:SgJyo3uq8Q0Q3LKp8CHdsIQ0o62Uv

  Score

  10^/10

  danabotbankerbotnetdiscoverytrojan

  • Danabot

    Danabot is a modular banking Trojan that has been linked with other malware.

    trojanbankerdanabot

  • Danabot x86 payload

    Detection of Danabot x86 payload, mapped in memory during the execution of its loader.

    botnet

  • Blocklisted process makes network request

  • Loads dropped DLL

  behavioral1behavioral2