njrat | 4ea9d6ae0062976cb28af32d00193caf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ea9d6ae0062976cb28af32d00193caf_JaffaCakes118
Size

31KB
MD5

4ea9d6ae0062976cb28af32d00193caf
SHA1

835331320fe859d8cb0d2e3685b3662457e0ff07
SHA256

822f937e2610f2d156bac61afc483bd0c73dd004c674a630f84720ddd192ceab
SHA512

7fcb6efb61bc7ce0679a2981bcd4086aa53b0de9f60d2e3d688e2b41e23467a95f152d55ccb3e315af99161c5d4c9b847eae4f5516d104dc4c0a95d1939e4111
SSDEEP

768:KVUt21HxSgzxbSL/0kWvIrBva0QmIDUu0ti1Urj:tWDR8R7QVkWOj

Score

10^/10

хацкер нига njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

хацкер нига

C2

25.103.24.11:6522

Mutex

3963ce0d9e00e7e13123b7be53feecd3

Attributes

reg_key
3963ce0d9e00e7e13123b7be53feecd3
splitter
Y262SUCZ4UJJ

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ea9d6ae0062976cb28af32d00193caf_JaffaCakes118

Files

4ea9d6ae0062976cb28af32d00193caf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ