General
Target: fc2ac1f5970829397d04da4ff99df23b_JaffaCakes118
Size: 258KB
Sample: 240420-hjqbvsbe7z
MD5: fc2ac1f5970829397d04da4ff99df23b
SHA1: caec6d7d75449cf12608a9a2b884a8e7c57c51a3
SHA256: 8bfcf9f77b21c9e8895fc6ef7e9288bd87a593fe3afef30bbd7737fb06934b52
SHA512: bdd1586406feb8a01384bd5a3b946f2cd7ce3bab04154775b04239da0eeac75109953e8518ae0f678d8e85eff3c31f6dc9bc8dcb7f934b44f319efe20cde1cf6
SSDEEP: 3072:R2FYi9bfBBI6QbaCgtP10aPa6jRpRoeYev5SZOII+JuAsINP8KdHBQIwHYIxbnOI:oj9bfPU+t95Ro/exQOIPuRG8x8c86M
Behavioral task: behavioral1
Sample: fc2ac1f5970829397d04da4ff99df23b_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fc2ac1f5970829397d04da4ff99df23b_JaffaCakes118.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
njrat
v4.0
HacKed
127.0.0.1:5544
Windows
reg_key: Windows
splitter: |-F-|
Targets
Target: fc2ac1f5970829397d04da4ff99df23b_JaffaCakes118
Score: 10/10
Drops startup file
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2