General
-
Target
7036a14e408177f688f52e8bf5928bd8_JaffaCakes118
-
Size
37KB
-
MD5
7036a14e408177f688f52e8bf5928bd8
-
SHA1
295c256a733d90b02a045eb69314668e27e82396
-
SHA256
99f4cd0785ef8df24ead883d46755d080ec81cc5ee39a2cf9d546584abc9f5a6
-
SHA512
d7712637a9a71bddb2642f51db8480a5adbb7d2f304f069629b7ddeb9ce1b3ce6420bec1d883643af47955a43970830b28877d2dda71eabcc3d3beaa5190282f
-
SSDEEP
384:HzJTgiG1CjZfursvO6yszrq/4X10T/6rurAF+rMRTyN/0L+EcoinblneHQM3epzp:TJz5Wpszrq/4276arM+rMRa8NusUt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
svchost.exe
C2
192.168.0.100:1604
Mutex
92cf8c7cd7817e99dd72fa05c92eede0
Attributes
-
reg_key
92cf8c7cd7817e99dd72fa05c92eede0
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
7036a14e408177f688f52e8bf5928bd8_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections