General
-
Target
5ccf03b6d7d422e6d03de3379e0ada2a_JaffaCakes118
-
Size
23KB
-
MD5
5ccf03b6d7d422e6d03de3379e0ada2a
-
SHA1
25630dbf69e8b5eec0cd806dc716ac6c9731d0a0
-
SHA256
5f93af37ee1519b2a64660566f3442f61d0383b95ce194c86e75a8b21ff224d0
-
SHA512
f0c82dde6bd1eb8e0dcc4e1e2f32b39c70aa509b0bad7375e98396256d8973b43bc6b847fe28463db5358c125961f1aee44f60cea8920c25aa3abeca0fbdc3f9
-
SSDEEP
384:c+6CuQX29+utY3Gybsjndo6zg1caikZz5mRvR6JZlbw8hqIusZzZKIa6uFz:VdSelbURpcnuXIar
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
الــســـفــاح الــــكــربــلائــي هـــناـــأ
C2
safahkarbala.ddns.net:5552
Mutex
b1347e212a8137f6559b0c3fa360a5fd
Attributes
-
reg_key
b1347e212a8137f6559b0c3fa360a5fd
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5ccf03b6d7d422e6d03de3379e0ada2a_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections