General

  • Target

    285ff94f5c0ed9339ee0c132d4824f7f_JaffaCakes118

  • Size

    29KB

  • MD5

    285ff94f5c0ed9339ee0c132d4824f7f

  • SHA1

    a68dbcc57b86904967a06dd182c236c8430e6f61

  • SHA256

    8cb75a944c824f7c894eb67d6975331df4d9119900d599ec2c598f2b42ef2a81

  • SHA512

    a67d2c0e982e611b14d61ba692dc1fdadfa53d5c319fc9c923bacdef0a4c9a909950230b19867053d085c0c0a5b2bb5ab7f3340bc628e8dce1247ce5fa09c858

  • SSDEEP

    384:LWWjNl7XNRoWGVulRVJ5zaImGmqDcI6ewdGBsbh0w4wlAokw9OhgOL1vYRGOZzHF:p7ToWGVKhcI4qN6exBKh0p29SgRBD

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

max

C2

0.tcp.ngrok.io:11129

Mutex

3e2bc178254025b1138d99fa6332b1c2

Attributes
  • reg_key

    3e2bc178254025b1138d99fa6332b1c2

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 285ff94f5c0ed9339ee0c132d4824f7f_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

