Overview

overview

10

Static

static

3

JaffaCakes...da.exe

windows7-x64

10

JaffaCakes...da.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8664e599adb8d7c29c153c5ce0e8d66960c4dd105ede9eac4116f0d18d68f0da

  • Size

    1.3MB

  • Sample

    241230-2bb9ta1qam

  • MD5

    31e3fb21a5013df85cbef8e04a35cafc

  • SHA1

    e5ce2582576c53ef79a9214002197e8123864cde

  • SHA256

    8664e599adb8d7c29c153c5ce0e8d66960c4dd105ede9eac4116f0d18d68f0da

  • SHA512

    f01df447fc26b50d2ffed4681667ab48ad52d9aeac4de692337ef581eedeb94f2daff6f1bd116a54aab85cc7044a873e91b0dc21f4eb5d11f0b8820b3b447076

  • SSDEEP

    24576:cS4kU1M+UU3OZeC8oLU/twohSat95OmAmmu0uxffpmWPI5Tq:cSUUD585ThVKtzVyW

Score
10/10
danabotbankerdiscoverytrojan

Malware Config

Extracted

Family

danabot

C2

192.236.233.188:443

192.119.70.159:443

23.106.124.171:443

213.227.155.103:443
Attributes
  • embedded_hash

    56951C922035D696BFCE443750496462

  • type

    loader

Targets

    • Target

      JaffaCakes118_8664e599adb8d7c29c153c5ce0e8d66960c4dd105ede9eac4116f0d18d68f0da

    • Size

      1.3MB

    • MD5

      31e3fb21a5013df85cbef8e04a35cafc

    • SHA1

      e5ce2582576c53ef79a9214002197e8123864cde

    • SHA256

      8664e599adb8d7c29c153c5ce0e8d66960c4dd105ede9eac4116f0d18d68f0da

    • SHA512

      f01df447fc26b50d2ffed4681667ab48ad52d9aeac4de692337ef581eedeb94f2daff6f1bd116a54aab85cc7044a873e91b0dc21f4eb5d11f0b8820b3b447076

    • SSDEEP

      24576:cS4kU1M+UU3OZeC8oLU/twohSat95OmAmmu0uxffpmWPI5Tq:cSUUD585ThVKtzVyW

    Score
    10/10
    danabotbankerdiscoverytrojan

    • Danabot

      Danabot is a modular banking Trojan that has been linked with other malware.

      trojanbankerdanabot

    • Danabot family

      danabot

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks