njrat | 81ca1d2e3fafec7ba39d9a21d281c50c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81ca1d2e3fafec7ba39d9a21d281c50c_JaffaCakes118
Size

3.3MB
MD5

81ca1d2e3fafec7ba39d9a21d281c50c
SHA1

601cd159ff267e242f3e83acd3fee3e287c59b95
SHA256

08da4c287a85770db007e33d9abdf8093d09703f105aede1387beea4bff9b49d
SHA512

fdec93446637a369cce0f4281599341f91d7984b216a1d51d7236bff7888ffd9c8dd04d8a9012379348dcf241b7f531366f63e23221d1de758323eff93587476
SSDEEP

49152:WE8i6FqRUT87tl2eHdxWaT4us679243cCfLtH+0NKakQ3dkMXurUlvkeH2:ci2qRUgtU8xr4uH7M4JNDHmbrU52

Score

10^/10

njrat

Malware Config

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81ca1d2e3fafec7ba39d9a21d281c50c_JaffaCakes118

Files

81ca1d2e3fafec7ba39d9a21d281c50c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\GHAAWY\Desktop\stub\stub\obj\x86\Debug\stub.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ