General
-
Target
90df67afb99863c36a1cff29c9e09957_JaffaCakes118
-
Size
10KB
-
MD5
90df67afb99863c36a1cff29c9e09957
-
SHA1
0a8bca5ae0392b7dd0f4b566ac6bce9b38d4660b
-
SHA256
bdf604ac9002e4d3bf69ad3e3bc77afca5bef58961899dcabe2bbc3bfe728e9a
-
SHA512
95c9edf67e3732156a1409b2123a3e1e98001e8f3a4292273607cca3db1935176f7533077e7f34c0fd85b8c44fd969f61e9f15fc2285a64ff9adc17e744e98c8
-
SSDEEP
192:BczlUqFnf4AT8TTmUbXPt6pnVr2zBaDz98ZVUQhq7zwBWHOWvvRb0H2okFAoAIxE:BczlUqFnQAT8mKfCiaH9yVUQ4o8Os+Wg
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
الجنرال خليل السوري
C2
kaleloo233.hopto.org:5552
Mutex
e0cdce6e53951a72c3db7730ea05d47f
Attributes
-
reg_key
e0cdce6e53951a72c3db7730ea05d47f
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
90df67afb99863c36a1cff29c9e09957_JaffaCakes118
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections