Overview

overview

10

Static

static

3

JaffaCakes...84.exe

windows7-x64

10

JaffaCakes...84.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_75bad8e2375b7efd246d45abd3fe912a6b966fb9d92e3c9b1c7a71bbb1e83884

  • Size

    1.4MB

  • Sample

    241229-jpk5rswrcr

  • MD5

    87ae77b93bbb97d62a931fae6b4902ba

  • SHA1

    68d7acb9dc2997c8f8b0eb1e9cc13c43fb5b8f9d

  • SHA256

    75bad8e2375b7efd246d45abd3fe912a6b966fb9d92e3c9b1c7a71bbb1e83884

  • SHA512

    245860b698a2bae9a019629819be60de1b4bca7b7bc964180e38b040102a0be9ad4f0b876c305978ad2ad63c055ec0509861f520f72aab222bdcf335783468fa

  • SSDEEP

    24576:N4wMogYw9936IQf59gbjvxozRfGczCXt7VXzjkcwrGtS4SWo+6ZW9:N4qnxItozpGcm7Bkcwyo+6E

Score
10/10
danabotbankerdiscoverytrojan

Malware Config

Extracted

Family

danabot

C2

198.15.112.179:443

185.62.56.245:443

153.92.223.225:443

192.119.70.159:443
Attributes
  • embedded_hash

    6618C163D57D6441FCCA65D86C4D380D

  • type

    loader

Targets

    • Target

      JaffaCakes118_75bad8e2375b7efd246d45abd3fe912a6b966fb9d92e3c9b1c7a71bbb1e83884

    • Size

      1.4MB

    • MD5

      87ae77b93bbb97d62a931fae6b4902ba

    • SHA1

      68d7acb9dc2997c8f8b0eb1e9cc13c43fb5b8f9d

    • SHA256

      75bad8e2375b7efd246d45abd3fe912a6b966fb9d92e3c9b1c7a71bbb1e83884

    • SHA512

      245860b698a2bae9a019629819be60de1b4bca7b7bc964180e38b040102a0be9ad4f0b876c305978ad2ad63c055ec0509861f520f72aab222bdcf335783468fa

    • SSDEEP

      24576:N4wMogYw9936IQf59gbjvxozRfGczCXt7VXzjkcwrGtS4SWo+6ZW9:N4qnxItozpGcm7Bkcwyo+6E

    Score
    10/10
    danabotbankerdiscoverytrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Danabot family

      danabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks