General
-
Target
90e6f21bc9e9a9dccca5792313702d26_JaffaCakes118
-
Size
93KB
-
MD5
90e6f21bc9e9a9dccca5792313702d26
-
SHA1
8b618160475c5aa26ed023c798cf44a881c35599
-
SHA256
bfe12a9a71016b493e1fe8dc8ef96746dd94d2096ebbfdac188a45811556aec4
-
SHA512
3ee2b99fbe33587ce4c7135077db31ad9e667d5d06533ba53c21b1f256db5bedfba6f928b4521b31e608181fdd1c9dc6546b7ebdf58b1f26dcdc5b5c1b75a2ab
-
SSDEEP
768:fY3j+xD9O/pBcxYsbae6GIXb9pDX2KC9zPL0OXLeuXxrjEtCdnl2pi1Rz4Rk3Y58:C+DOx6baIa9R4j00ljEwzGi1dDgDigS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
SuperBLT
C2
hakim32.ddns.net:2000
192.168.56.1:5552
Mutex
f35176cc8d39418d684cfc041874f025
Attributes
-
reg_key
f35176cc8d39418d684cfc041874f025
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
90e6f21bc9e9a9dccca5792313702d26_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections