General
-
Target
867dbb5fe051f42281c4724aebf3c393_JaffaCakes118
-
Size
349KB
-
MD5
867dbb5fe051f42281c4724aebf3c393
-
SHA1
80b6260d4b9423dff017cbdff17b476b96605fe9
-
SHA256
d9dd8724cfacca2a1134e26a302919753c7c573a503f15c8afd79f6c0efc2164
-
SHA512
ea4985bde5ae2f90c89b9918b78ba49d54cfc2f6e09198ad50dd3fa9d695e79d4a0c1dce76887e8aa4cad502efe135f2a6b281ab3b1b8fa6e8714d4ec4d01000
-
SSDEEP
384:vZy9y5ctOnwtOyW6n5yciAEm3VO2M4472IVa9D9O5UE5QzwBlpJNakkjh/TzF7pa:R3qAwt/W65yciAEmFO2477vQO+Gt+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
90.254.66.167:1604
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
867dbb5fe051f42281c4724aebf3c393_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections