General
-
Target
92d8c364561a545dfc4fb648f72cddaa_JaffaCakes118
-
Size
23KB
-
MD5
92d8c364561a545dfc4fb648f72cddaa
-
SHA1
ea72e78d48afdba8a8b9ca73e95107ef3933997d
-
SHA256
33474be63039cfdd63aec01663d5390eb5080534905830238418fcd3c24ea1f9
-
SHA512
fb27e8aa8ac753a1a6ff4c333f440888d3d0b304b7a02301fe817a98a5b467d1428c52c479859056e3a68d90bd2d45f58fc2e6984f99e32096b32ab19414d3cc
-
SSDEEP
384:GYmCsw/yJrQ7tRGSQCY1r46JgfCcBjdhmRvR6JZlbw8hqIusZzZDV:p7GktQBRpcnuu
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
FUD-02/10/63
C2
ddnshost-microsofts.serveftp.com:69
Mutex
04e031bc9b9f40f12845cc2f6c2e6b95
Attributes
-
reg_key
04e031bc9b9f40f12845cc2f6c2e6b95
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
92d8c364561a545dfc4fb648f72cddaa_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections