General
Target: d8aef78a0869870337b9ed92585036dd_JaffaCakes118
Size: 279KB
Sample: 240910-vwq55svfmn
MD5: d8aef78a0869870337b9ed92585036dd
SHA1: 4b7e17e96d68f0e037ba8de3f86c16f35bc1976f
SHA256: ca9dba2d80d8041fafc649daa99d1152d66114316faf3578bddf301e80cf4889
SHA512: 1b39dc53d4789bab61c5216f4c7e63e91be1204a1637df2ecd871d1cedef4f0d8594261964207a1f9bf5f33ce52189e196a395f12bdf689f52d88528c965c6e4
SSDEEP: 6144:5LhmVMbSmN9lgQWVCI0xufX7le/QJwaf9u3CUITMRvvBsrye1SMLL:5diMbflg6xuzo8PeHOrf3LL
Static task: static1
Behavioral task: behavioral1
Sample: 222_737_810112.vbs
Resource: win7-20240704-en
Malware Config
Extracted
danabot
Targets
Target: 222_737_810112.vbs
Size: 1.3MB
MD5: b438c934bee7b8342d19839c12cdac9b
SHA1: 63dd9fb69dc0cbb2af9a30bf79d6c7fbcc63068a
SHA256: 0113aad7c31e7c6fcef100c44e8a1f1fc0616ff0dd948915405ba9e0d697ac9c
SHA512: 8e50ae6f35bd56350f682b5a5291e5fa01f52cff408de66364159b4ef12ca146bc52b837753cf8e9d9e5ab312e16b99c3c9e220944b57569e4d23322721f749e
SSDEEP: 12288:Negy6Cy/jr3nx6aITPYnAqYmjMaS3QwIdqEXJZRGK5ReKRWFlxEXNUbKCDo/LqPk:Negy49L6b70d
Danabot x86 payload: Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
Blocklisted process makes network request
Loads dropped DLL