General
-
Target
2ca922461db539e6a01e4c4796e3c4f5_JaffaCakes118
-
Size
103KB
-
MD5
2ca922461db539e6a01e4c4796e3c4f5
-
SHA1
63d475e2c98eea1d5852f8c07ed6a0d92acee220
-
SHA256
f976b8e1ed95511151dde454210ea6167fe92cef80563ded6492235549c673cc
-
SHA512
5e54e299687c651a3ec38425943bc6c15c9e1f679a85f5aa0e67c4ffe5b75157f8b25cb55168f7304ed787181ab93c2fa1d4f85347d96c45a124e2edc81c6e3a
-
SSDEEP
384:1ow11CiMZ3jBVbJsy8PjObAoh3FvxQMbOhUrAF+rMRTyN/0L+EcoinblneHQM3eL:eLbJP8PjuAGn9OOrM+rMRa8Nu03tWw
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
Levkrasov
C2
185.82.217.154:9591
Mutex
b2470da48fd8c6569c0daa61a130d205
Attributes
-
reg_key
b2470da48fd8c6569c0daa61a130d205
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2ca922461db539e6a01e4c4796e3c4f5_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections