General

  • Target

    5c6cb494b671312e3d9f7a9a93265433_JaffaCakes118

  • Size

    23KB

  • MD5

    5c6cb494b671312e3d9f7a9a93265433

  • SHA1

    811d75c5773d58751f134d1afd1efc3e0cf2e520

  • SHA256

    e0924f6535454a03f2baba88ac1778fe194effe1adfba2269c358c3ce69e6d4b

  • SHA512

    5c043617288bbee0b221034492d77c9856b9c7dc6d2567ea7bb07458fadb81aa337d8e774569de16d730dcc773e5d92273419fd5967104b029d36c2c3fe5f966

  • SSDEEP

    384:JjgniFlw9sPpjqgwAUjAbAdivVYM7PZadVizaRvlVUPVsXG6K5f9D:JBmj3IVYWh43GF

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Ghetto

C2

solarintel.linkpc.net:9009

Mutex

a3b6f4984e8d626690f04515a8bcaaaa

Attributes
  • reg_key

    a3b6f4984e8d626690f04515a8bcaaaa

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5c6cb494b671312e3d9f7a9a93265433_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

