General
-
Target
27e29b8cf62b275554ad095e48b6e1ed_JaffaCakes118
-
Size
43KB
-
MD5
27e29b8cf62b275554ad095e48b6e1ed
-
SHA1
ed72c673502d85cac2da19ba338fddf4a08cad2d
-
SHA256
4111dc99669eaa96b49ce31af3c5fe5dc20ec2f2cf2406985dd8a6c546493fa2
-
SHA512
b970ca92202f370ca2eeaeb4f46887251cf5402bd2569ac0a5e04f96e4cc5430e86e758c4a36e6d8a3c31e3991cc726ceae81d60eb2fd3f38f05117101c2395e
-
SSDEEP
384:RZytqFgpWoy7krZtEVOsMBIHAkHC9D9O5UE5QzwBlpJNakkjh/TzF7pWneWgreTr:DHWol70ZtGOKgcvQO+7e+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
DoT@
C2
ddns.neeeT:5552
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
27e29b8cf62b275554ad095e48b6e1ed_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections