General
-
Target
600fe87e9c565ee41f1fa41b08b0b368_JaffaCakes118
-
Size
43KB
-
MD5
600fe87e9c565ee41f1fa41b08b0b368
-
SHA1
28b8bbaa6d74d863e6dcd867b6a155a683a9754d
-
SHA256
996d1cc8d14bd3324f910cacf457f07b0586348b97259fd21e8e4f2423c881fd
-
SHA512
84897a1cb11c91e017e59e23b66dfd554745ca9ca3ff69e0e7eaa5784b2e7d03592a2c9aafc391e7a7ea70d8a30ed519691502536d696dbaa3e8b79391e92f7b
-
SSDEEP
384:2Zyn7zxdW/IUyNZCB5OFiLgVOcEvll56ljzYIij+ZsNO3PlpJKkkjh/TzF7pWns0:s+HxIghNZk5OFiLCO7lyDuXQ/oxC+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
37.252.7.150:5552
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
600fe87e9c565ee41f1fa41b08b0b368_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections