General
-
Target
01be0f63b83a3f8be45183cd82cd00d6_JaffaCakes118
-
Size
25KB
-
Sample
240426-1q36eadg3s
-
MD5
01be0f63b83a3f8be45183cd82cd00d6
-
SHA1
51ef195488b3dabfaffd7d71170687cad0630558
-
SHA256
76522a7da91a602f2f94d5825c1ebc972570d5e22c5ea7f5c69bf127f6bd9de0
-
SHA512
5fd51f48a3609be09600cbd59538b5ba16088f2f68aae564d009a2b6ff6200ca599828cfbd47004d943e7d215d899f8d5c3e00bec4d608b61e7ff1064e855017
-
SSDEEP
384:sv3ZIP+eHQSAfDiEzCDTbNiYIR51EvSGcTLIdM8rysFIUdtAnkHNpWH90:svpHeHQSAmcCDT5izR5W6TsfusO48KWK
Static task
static1
Behavioral task
behavioral1
Sample
01be0f63b83a3f8be45183cd82cd00d6_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
01be0f63b83a3f8be45183cd82cd00d6_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
46.72.27.241:7777
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Targets
-
-
Target
01be0f63b83a3f8be45183cd82cd00d6_JaffaCakes118
-
Size
25KB
-
MD5
01be0f63b83a3f8be45183cd82cd00d6
-
SHA1
51ef195488b3dabfaffd7d71170687cad0630558
-
SHA256
76522a7da91a602f2f94d5825c1ebc972570d5e22c5ea7f5c69bf127f6bd9de0
-
SHA512
5fd51f48a3609be09600cbd59538b5ba16088f2f68aae564d009a2b6ff6200ca599828cfbd47004d943e7d215d899f8d5c3e00bec4d608b61e7ff1064e855017
-
SSDEEP
384:sv3ZIP+eHQSAfDiEzCDTbNiYIR51EvSGcTLIdM8rysFIUdtAnkHNpWH90:svpHeHQSAmcCDT5izR5W6TsfusO48KWK
Score10/10-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-