General
-
Target
e8323fb9496c6da672e43168a4e3c98f_JaffaCakes118
-
Size
10KB
-
MD5
e8323fb9496c6da672e43168a4e3c98f
-
SHA1
5b4677213e355dc6e89fa53abb20e2f8d245a7d6
-
SHA256
37d62ff9f33b0b60064f3cd596921d6e8d7943a9192c3ce63f8edf844cf6cbfc
-
SHA512
c6c0caa733bc55af6b14ac8f1ef7e7a85dcd2e43b9cc003635c2591a5ea92be22891ab927ce98d7e3a3c480bc5ad3396bd2c3af520d1ecf4454ba483b27e499a
-
SSDEEP
192:wqvn1N9uv3nzsNkiBgCsG3xFmryip9tipfnN7P/Ki4QFuXzK2L9Hfx3akl1MZM:wqvn1N8v3AiiBgOcyipK9nN7P/Ki4bDt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
82.146.50.49:7777
Mutex
5ac690b9f63fb0806225b44adbd43784
Attributes
-
reg_key
5ac690b9f63fb0806225b44adbd43784
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
e8323fb9496c6da672e43168a4e3c98f_JaffaCakes118
-
Sumo.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections