General

  • Target

    7de82cf4039e12d08e53f15f760e69bf_JaffaCakes118

  • Size

    148KB

  • Sample

    240528-wvc3kaef6z

  • MD5

    7de82cf4039e12d08e53f15f760e69bf

  • SHA1

    b372effc7d209cfa454617a06822bdac62ea172d

  • SHA256

    7efda24c1ee3ff88c0c9207592e5cdd7dcc47e7a143fddacbbc00e83075ccbf3

  • SHA512

    4ae2d33deae970ea7010f7426f8c250912efe7e38b32818fd1c2475c77edff690c52edac4954bb5bd392e514d0fa34eb7a125bbc6df08c4eba365eeab8883df6

  • SSDEEP

    3072:qaTsS1A9cJLQPYdgToYZhb10wsGkk7wNzBuP2pLYRqef:qct1hhoYdEokZ03UsugcRqe

Score
10/10

Malware Config

Extracted

Family

njrat

C2

173.225.115.127:1194

Mutex

e7e6921903d14bdf8

Attributes
  • reg_key

    e7e6921903d14bdf8

  • splitter

    @!#&^%$

Targets

    • Target

      7de82cf4039e12d08e53f15f760e69bf_JaffaCakes118

    Score
    10/10
    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Suspicious use of SetThreadContext
