General
-
Target
f7df6fd0c5a03d2bf1f08a4398b38ca1_JaffaCakes118
-
Size
279KB
-
Sample
241216-h1vynszlfw
-
MD5
f7df6fd0c5a03d2bf1f08a4398b38ca1
-
SHA1
df3f34e852fab5bdc486c19b38cb708541290c68
-
SHA256
3f36f1bc475cbafdcb6c159f4cb42b9ace4a4321c702fc4f21f179a12be48bd3
-
SHA512
b3d66a4180718b7ed054e66c76d70c0459df1cee88929fffd1da09dd57e1cd005d8aae2181edf5093024f0b15e4d35bbd2869387d9dfdc419527b5024f69b7ae
-
SSDEEP
6144:SLhmVMbSmN9lgQWVCI0xufX7le/QJwaf9u3CUITMRvvBsr1tJvopyz9x/V:SdiMbflg6xuzo8PeHOr1tipyzr9
Static task
static1
Behavioral task
behavioral1
Sample
222_737_810161.vbs
Resource
win7-20240903-en
Malware Config
Extracted
danabot
1.5.78.29
71.61.197.13
128.43.39.106
68.164.114.181
243.7.235.34
185.92.222.238
192.71.249.51
42.180.72.123
159.159.89.172
135.231.151.187
Targets
-
-
Target
222_737_810161.vbs
-
Size
1.3MB
-
MD5
d7100ddc69989fb142f98fff02c6508f
-
SHA1
29bb5a48a3bb63452b37bf3c2e4acfcae929a975
-
SHA256
bb0f5392216d97c801dce3d5e18299608bfbaa344063f55a8ef84c40f3002c4f
-
SHA512
49dee4b048c0515ed1a98adcfab98f1d188da1da2d7cbf8627786e5604e01a0b4500a203a9803e2be81fc7766b4b47870fb9f5fca6ae2a6485a69b94a6613508
-
SSDEEP
12288:Negy6Cy/jr3nx6aITPYnAqYmjMaS3QwIdqEXJZRGK5ReKRWFlxEXNUbKCDo/LqPP:Negy49L6bEJS
-
Danabot family
-
Danabot x86 payload
Detection of Danabot x86 payload, mapped in memory during the execution of its loader.
-
Blocklisted process makes network request
-
Loads dropped DLL
-