General
-
Target
JaffaCakes118_5e056d6acc82cf88bd815a6d5bfd9e68e1fc39b40be527bd49f98a35603e78dc
-
Size
2.3MB
-
Sample
241224-z3xnqaxnbz
-
MD5
eff406e8d2e15ea1584522b8a45318d4
-
SHA1
2dd62d8816da6ce0f0f162e7b7512dfcf942af50
-
SHA256
5e056d6acc82cf88bd815a6d5bfd9e68e1fc39b40be527bd49f98a35603e78dc
-
SHA512
b3cc0b141d0ce23ef0772d1fdb3f15d33a827eddb797ac36d03d9762b2bdea31f44d5d013e181673769492cca7b05383554ebc52a4e8b5dca3158712094717df
-
SSDEEP
49152:JPLINXLva+kNJ3I2F5PwPVdEJaOk0AUMVRrmKLoa/cmKQ:J8NXLva+CFmPQUZ0/M3rmUoa
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_5e056d6acc82cf88bd815a6d5bfd9e68e1fc39b40be527bd49f98a35603e78dc.exe
Resource
win7-20240903-en
Malware Config
Extracted
danabot
153.92.223.225:443
185.62.56.245:443
198.15.112.179:443
-
embedded_hash
5B850BFD39D47030C0AAC0024D43ABEA
-
type
loader
Targets
-
Danabot family
-
Blocklisted process makes network request
-
Loads dropped DLL
-