General

  • Target

    8d6791820562ca26d2f538c8d8b3df21_JaffaCakes118

  • Size

    16KB

  • MD5

    8d6791820562ca26d2f538c8d8b3df21

  • SHA1

    602ec5d89bfa413dee6e80f7550aa814f4cdb872

  • SHA256

    b2b393e5d804d4915f8aea4c3bbd12e7d2c0509803c303499189966e26505c12

  • SHA512

    c7250bf3977634f5b6a0283ec4271b2eb936823d82c172cee78f080627da24f3125e5d6c5c134779d72e3d5f8c7707869bf49accf06d17cb258d7e020ec36b15

  • SSDEEP

    384:QhjSz3Ow99Z/dIPOCeMYiWT5IaCFL9G6NCzP2812PsL:QhjMOcdIPOUY9TaaC5IP1124

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

192.168.1.162:5552

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8d6791820562ca26d2f538c8d8b3df21_JaffaCakes118
    .rar
  • sfsdgsgh.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

