General
-
Target
183b769ce4d1ab4a80608fbaef85bd07_JaffaCakes118
-
Size
24KB
-
MD5
183b769ce4d1ab4a80608fbaef85bd07
-
SHA1
4b6be36f4708e28c2293902ffb53269eb6ab8f86
-
SHA256
64fecc91b73685ba6c233f7fa8cf7c45121dccacb43d776ecd222caea0ea01e2
-
SHA512
23cb5e7c48c0a0c428d771f070607126933b452f29feec32b7ec4dc190d7eb2c1f005f78fd5b1f6d0013cb51c65fc41f140284b0b1d1f82a1fded554aacf59d5
-
SSDEEP
384:evNWLQ+oST+aOseOC1HasOavbS1puwJViz6RvlVUPVs3GHK5f9D:gnSq0OtvbUpuYXnF
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ
C2
johnaliraqi.dynu.com:5522
Mutex
Google Chrome
Attributes
-
reg_key
Google Chrome
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
183b769ce4d1ab4a80608fbaef85bd07_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections