General
-
Target
0dcd81e6eba1a5522b5b5ec60736d38a_JaffaCakes118
-
Size
43KB
-
MD5
0dcd81e6eba1a5522b5b5ec60736d38a
-
SHA1
05ce920a685da0e040dfb9eebb8f3efbc37fbec7
-
SHA256
eea19c4391fce60fa7402d364627f1ee671859d962126b12d2a8e7ffcbcb982e
-
SHA512
04d4023cd9c3623011d0b58c2454805072bcb47f8ee2cddf2f12a071caf6713addc30e5bb5723b6ad4810a7c00443497e458cee216b454e27980fb4d425c4b26
-
SSDEEP
384:YZydl8Bq0lwZmoy7ypgwCwEhxmD0aXzoIij+ZsNO3PlpJKkkjh/TzF7pWnp/gre7:ujNGol7ogr+DjuXQ/o8/+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
192.164.1.4:7777
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0dcd81e6eba1a5522b5b5ec60736d38a_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections