General
-
Target
2bb63bdc7d57c1bada1ad6d89bf08bdc_JaffaCakes118
-
Size
43KB
-
MD5
2bb63bdc7d57c1bada1ad6d89bf08bdc
-
SHA1
a5576d1bb6a162a511e6b88806a6f14237947aa7
-
SHA256
cc207dfe1404a701b82c9500463f6936dceeb58a0c0a2c7fc2423f1f4d115263
-
SHA512
0fae737028f60ccf39fc33f24176c0154f0e31428934f98344eb05064ca7ee1a49dd6cab51626031433383c78dd191c1fe8da86ec49a9acb486e692706403ffc
-
SSDEEP
384:HZybXYdM9qIyr0AxjA+4EJWAl4DDzcIij+ZsNO3PlpJKkkjh/TzF7pWn5DgreT0k:5nCwFrBj3hWFtuXQ/o87+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
rusyator
C2
192.168.0.101:443
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2bb63bdc7d57c1bada1ad6d89bf08bdc_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections