General
-
Target
609b050d246cd7c11eea9b65ae0db417_JaffaCakes118
-
Size
109KB
-
MD5
609b050d246cd7c11eea9b65ae0db417
-
SHA1
7efe106ca929e542f7a787764fdc969b6d98963c
-
SHA256
d9c9e109a1aef9576a974bd2b5104328e951171644dddf0a27a92e1fc4e421c0
-
SHA512
bba9c5d64399b514dee0796a5bac966325ce95b4fdf9302a0225f0bbb6dab10b2da50db0f9246e44d92ef1cb2db102b5f5e2dd5c798634ef52995fac1512f9bc
-
SSDEEP
1536:UWbxIaS58FijV/ixuXQQy9McNancBA2GVnhkdjQdik859hV:TW58Fwx3f+GVh+jQdi35zV
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
Xenos64
C2
127.0.0.1:7777
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
609b050d246cd7c11eea9b65ae0db417_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections