General

  • Target

    79e25e890eb71f31574e6ff770d9b980_JaffaCakes118

  • Size

    37KB

  • MD5

    79e25e890eb71f31574e6ff770d9b980

  • SHA1

    9b35c858319f7ae4d8884e251010cce531805bcb

  • SHA256

    848a356b15c51a5e02c5a8d1625ca9818c673d6e77de2189ff964d9f647e41a8

  • SHA512

    fe11b86a703a9dbf66b5fd23ecb4aa0a43e1ef261149b44cf11b0e7dfda2711e17893dde1c1eba42424dde214df899999b66625e9ab430ec1bf5aa95e9e9d7cd

  • SSDEEP

    384:E+OIiu/jtD+P3V+y0bFwRktv7ms2cPPrAF+rMRTyN/0L+EcoinblneHQM3epzXhT:BXmV10bFwRktalc3rM+rMRa8NuTRt

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

leloprosto000.ddns.net:3405

Mutex

866b132a9ca80d5adc2402e84dcbb0eb

Attributes
  • reg_key

    866b132a9ca80d5adc2402e84dcbb0eb

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 79e25e890eb71f31574e6ff770d9b980_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

