Overview

overview

10

Static

static

3

JaffaCakes...80.exe

windows7-x64

10

JaffaCakes...80.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_b758e2e5e29333917a043165f39c50da6a0822710527c8ad3faa799da254c580

  • Size

    1.4MB

  • Sample

    241225-1p8dqsypdy

  • MD5

    34a89134bfbeff2258d05397d59e90ff

  • SHA1

    b693021cfe6c178e26ea48c67b9b76ea86ef6c85

  • SHA256

    b758e2e5e29333917a043165f39c50da6a0822710527c8ad3faa799da254c580

  • SHA512

    d3d1490e303b1a188a9ecdc4e5a9e79a23869ef3ed2614492cb6ab17de5fbc234fb1af4acb685fecd5671bf2619f7a30ce1fccc6fbadea76237ac979227da36e

  • SSDEEP

    24576:C5VraSJKDbq3NShENiEU19PHkggBT2lo31xFJNDnBwek+ZtfGt8mOFVeryo:C5peq3WDvxHkdpco3Xvnwek+LeiFay

Score
10/10
danabotbankerdiscoverytrojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443
Attributes
  • embedded_hash

    6618C163D57D6441FCCA65D86C4D380D

  • type

    loader

Targets

    • Target

      JaffaCakes118_b758e2e5e29333917a043165f39c50da6a0822710527c8ad3faa799da254c580

    • Size

      1.4MB

    • MD5

      34a89134bfbeff2258d05397d59e90ff

    • SHA1

      b693021cfe6c178e26ea48c67b9b76ea86ef6c85

    • SHA256

      b758e2e5e29333917a043165f39c50da6a0822710527c8ad3faa799da254c580

    • SHA512

      d3d1490e303b1a188a9ecdc4e5a9e79a23869ef3ed2614492cb6ab17de5fbc234fb1af4acb685fecd5671bf2619f7a30ce1fccc6fbadea76237ac979227da36e

    • SSDEEP

      24576:C5VraSJKDbq3NShENiEU19PHkggBT2lo31xFJNDnBwek+ZtfGt8mOFVeryo:C5peq3WDvxHkdpco3Xvnwek+LeiFay

    Score
    10/10
    danabotbankerdiscoverytrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Danabot family

      danabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks