Overview

overview

10

Static

static

3

JaffaCakes...54.exe

windows7-x64

10

JaffaCakes...54.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_ad3b90c1d0de44c34616ee5f2c048992a92c2d87f604ff7789fc04af436ae654

  • Size

    1.3MB

  • Sample

    241222-dh9lws1men

  • MD5

    3e540a594ce77690013e09fe0c3256de

  • SHA1

    40bb53bdff2c64aec1283e6e0c29b5c883bbdf55

  • SHA256

    ad3b90c1d0de44c34616ee5f2c048992a92c2d87f604ff7789fc04af436ae654

  • SHA512

    d0754b33d7794ef29b7675389a4ddcb48f510ea9ac70fb92fa3a9524223b9646d3a5a4a1017279a7a53715deb368598011e2d9854fa143799b0bce0e8fa0996b

  • SSDEEP

    24576:+K3Zae4BNdOHrLw6fmzRgCXSLlDSO6Dmrhwp3dd14dD3eatZJqRFETDh1q:+K3Zt4kHY6kSL1SpEhwpDOttXqHG11

Score
10/10
danabotbankerdiscoverytrojan

Malware Config

Extracted

Family

danabot

C2

192.236.233.188:443

192.119.70.159:443

23.106.124.171:443

213.227.155.103:443
Attributes
  • embedded_hash

    56951C922035D696BFCE443750496462

  • type

    loader

Targets

    • Target

      JaffaCakes118_ad3b90c1d0de44c34616ee5f2c048992a92c2d87f604ff7789fc04af436ae654

    • Size

      1.3MB

    • MD5

      3e540a594ce77690013e09fe0c3256de

    • SHA1

      40bb53bdff2c64aec1283e6e0c29b5c883bbdf55

    • SHA256

      ad3b90c1d0de44c34616ee5f2c048992a92c2d87f604ff7789fc04af436ae654

    • SHA512

      d0754b33d7794ef29b7675389a4ddcb48f510ea9ac70fb92fa3a9524223b9646d3a5a4a1017279a7a53715deb368598011e2d9854fa143799b0bce0e8fa0996b

    • SSDEEP

      24576:+K3Zae4BNdOHrLw6fmzRgCXSLlDSO6Dmrhwp3dd14dD3eatZJqRFETDh1q:+K3Zt4kHY6kSL1SpEhwpDOttXqHG11

    Score
    10/10
    danabotbankerdiscoverytrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Danabot family

      danabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks