General
-
Target
a3dca6edf24940f63c52688df8f45485_JaffaCakes118
-
Size
43KB
-
MD5
a3dca6edf24940f63c52688df8f45485
-
SHA1
8528b028d43d306f4c89555d235ef17b74907b58
-
SHA256
dcdf58e3b0a877a870bf8131923cecac4c40ddfc0a5d6003f564d5ce8c49b392
-
SHA512
970135b8ad9fba7d0794b1a7d0c65ab77e26f186145b19ececcafcd62fd2a902bb23873c150d80d79d72f960804f6a7572e6b1d56429f3083a5274d4db43125e
-
SSDEEP
384:TZyK9BxdW/IUyNZ4D5OFixKCqErll56ljzYIij+ZsNO3PlpJKkkjh/TzF7pWnoml:dP3xIghNZc5OFixN9lyDuXQ/otC+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
0.tcp.ngrok.io:1604
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a3dca6edf24940f63c52688df8f45485_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections