General

  • Target

    JaffaCakes118_9eebce8383071dd565ccd67a626cd0809ef9928af7555c610d979cc4d52eaf0f

  • Size

    2.3MB

  • Sample

    241224-zv82saxmhk

  • MD5

    881a3bb370849ebfc0381b310a15c12b

  • SHA1

    fed883de3633310e643ff878e4576f4ca23c979f

  • SHA256

    9eebce8383071dd565ccd67a626cd0809ef9928af7555c610d979cc4d52eaf0f

  • SHA512

    52772a4e5a1b0b6e838aa79f45fd1c62f0ae78807e033ee448b17fdc3bf639526ddda066363e362455da1eb2e9aa117ce55db58ca7f6ed7003f0997ff4b9bd54

  • SSDEEP

    49152:HBunMOW4JRYIgw9u6KqjsX/rjhiDJVxD1E2HgCcz45PZy+dbQm:hunMO5YInurqjsHgVxSZz45PZyhm

Malware Config

Extracted

Family

danabot

C2

153.92.223.225:443

185.62.56.245:443

198.15.112.179:443

Attributes
  • embedded_hash

    5B850BFD39D47030C0AAC0024D43ABEA

  • type

    loader

Targets

    • Target

      JaffaCakes118_9eebce8383071dd565ccd67a626cd0809ef9928af7555c610d979cc4d52eaf0f

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

    • Danabot family

    • Blocklisted process makes network request

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks
