General
-
Target
450f2817e2c5be69bc453be1f61671e4_JaffaCakes118
-
Size
23KB
-
MD5
450f2817e2c5be69bc453be1f61671e4
-
SHA1
61fd5148ec072bb3bc772424381ede3ff450d88f
-
SHA256
f3ebcd2aa038209719e43f3f552ff0d78ada9b871b338d89f9b9a4b7aa6a0fbb
-
SHA512
d6223495ee4998b5f75731934bc35a7dda53ab961426602225b079133bf7021a65b681052e70d990131f51d43f22a4f8937efd10db8d9321f4c69c8e27d00776
-
SSDEEP
384:jLMK6b2GZsx/Yr1+liORH1kcPFQ6Lg9gSOYRr9mRvR6JZlbw8hqIusZzZvE:jEb9glF51LRpcnuD
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
btnet
C2
tuttotone.serveftp.com:1332
Mutex
1a99f094e2a8cb7e39e892e040e9c101
Attributes
-
reg_key
1a99f094e2a8cb7e39e892e040e9c101
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
450f2817e2c5be69bc453be1f61671e4_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections