General
-
Target
0c24e7e22e7b4a5f7faa058f7c5457df_JaffaCakes118
-
Size
39KB
-
MD5
0c24e7e22e7b4a5f7faa058f7c5457df
-
SHA1
739ea09aaeaebee6b1d47a1ee300ab068cbac1c0
-
SHA256
292239100c8e1a433c87d3bc8b080e71cf99587dc5bea6fee3a7d1f0fa1b931b
-
SHA512
5f3eb81773edf7a5b6a1e0a898e4d12cf327beff4f72339fe70212c6677003a30ab376edebf88170895778c0e73caea11f00b3a0ce9da6229ed0425b40204855
-
SSDEEP
384:9/fOciA1URLiH0eeyOTm65LGFCwbjErAF+rMRTyN/0L+EcoinblneHQM3epzX+g:FfJs1eVOTm6g4wnErM+rMRa8NuZWt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
njRAT 0.8D New.Private
C2
37.252.7.150:5555
127.0.0.1:5555
Mutex
85c8527004168ed890f0c0521fc3f1ae
Attributes
-
reg_key
85c8527004168ed890f0c0521fc3f1ae
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0c24e7e22e7b4a5f7faa058f7c5457df_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections