General

  • Target

    6997e34f2a0e4cbdf50cb7693c5bb2e1_JaffaCakes118

  • Size

    37KB

  • MD5

    6997e34f2a0e4cbdf50cb7693c5bb2e1

  • SHA1

    df0a87742db375d988ead6327e5dcadbcbf92948

  • SHA256

    b93ebcae988f7baca83209c66c693c1467c15f1a97deaadd311404c7818574eb

  • SHA512

    ab02e6aa02ee8826674efd2330370a2b47384d38bc7ab32cc18d2eae4bc3c553eb9466e0267e0db294fbfdc558aecd9eb176cf3a83a4f84591b439c0f45699a9

  • SSDEEP

    384:Tr2OaIiejJCVLO309QmykrtUPE9uI3favRsIDErAF+rMRTyN/0L+EcoinblneHQp:v2DdGdkrqPKfaJsIQrM+rMRa8Nu/z/t

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    im523

  • Botnet

    SKYLEX

  • C2

    skylex123.hopto.org:1336

  • Mutex

    7faa610f613a8cb28b980983c7426bea

Attributes
  • reg_key

    7faa610f613a8cb28b980983c7426bea

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6997e34f2a0e4cbdf50cb7693c5bb2e1_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

