General
-
Target
64a4318e9752ab10484cdcd3427fd211_JaffaCakes118
-
Size
43KB
-
MD5
64a4318e9752ab10484cdcd3427fd211
-
SHA1
54b0b70bae6f7ba7648bf31bbd9c5d4244102b57
-
SHA256
171a802411d9ae1c3cb973b359b654caaad5dacf07ed37e3ceda7ed0ab47f42c
-
SHA512
d2dc4ea6af5aa6e134e8f94dd0c4f30bd3c9655a4d786fc39bfc053748d08b1e97186fd69231047dcb421845f750ba75702eaad52b2f002450977b6d4b2a59b9
-
SSDEEP
384:2ZyZsFgpWoy7OJ7FuywEBYXAkXzYIij+ZsNO3PlpJKkkjh/TzF7pWnNmwgreT0pO:sZWol7M7FR6Q8uXQ/oYm0+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed2334
C2
127.0.0.1:5057
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
64a4318e9752ab10484cdcd3427fd211_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections