njrat | a5e03d7c27b1c2cf2755361afa474e0f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5e03d7c27b1c2cf2755361afa474e0f_JaffaCakes118
Size

27KB
MD5

a5e03d7c27b1c2cf2755361afa474e0f
SHA1

089b27d3adafdc4819e125c7f1dedab8c518856f
SHA256

389db38d3b6df45a4b3715230a5c56db4555e87a4d181302c67b372d31245c9f
SHA512

d8d01d56232d2f9860816470ad881b3805cb3da81136f54f55e6f3e3b5512418f0b28172b6eb0d542b0707daaa25d78033f199d47361d089e17247c68c192d0a
SSDEEP

384:oylOJOzCsgC+rH2FGVjaxJ6/kaq3Z/y45KrfPVREg7Opl5Nl/q13/vOftoIJQtBh:JFCsgQcVjax0/eJamSREzpPGWorAEc+

Score

10^/10

njrat

Malware Config

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5e03d7c27b1c2cf2755361afa474e0f_JaffaCakes118

Files

a5e03d7c27b1c2cf2755361afa474e0f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\h-a-c\Downloads\Compressed\Nj\Njrat\obj\Debug\Njrat.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ