General
-
Target
307bc9bf2c6a8693d0943cef21dab78f_JaffaCakes118
-
Size
43KB
-
MD5
307bc9bf2c6a8693d0943cef21dab78f
-
SHA1
2cc0b14128c7ad33180787c138f5f7c57c2ac69b
-
SHA256
764d3a528945e0456e4ab9ad7323eda27ac4c9bd0fe5a3f0ad2add7a64d05d9a
-
SHA512
568db3b97d653c959f72d2d74546aee50b5ebe5ce28a41110a9e0fbbd46ec251614e433ca8c47ef1a56764bfd34a2dbb564c7887326aa29bf741a8c9fcd77778
-
SSDEEP
384:6ZydcNU1SoycwJmrlhWhYYKwWIEXvhY8Gzz0Iij+ZsNO3PlpJKkkjh/TzF7pWnTu:YNqglcwJsj/PZYHuXQ/o+c+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
client
C2
94.245.175.163:7777
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
307bc9bf2c6a8693d0943cef21dab78f_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections