General
-
Target
a83cd6897dfe7fac71627c1f9668386d_JaffaCakes118
-
Size
446KB
-
MD5
a83cd6897dfe7fac71627c1f9668386d
-
SHA1
45feccf02e0012eb5c81245247619f619db79953
-
SHA256
c333764d80456cab43016002aa415efbc52cde6ff867b41abeb0e79688cb210c
-
SHA512
bde2ca3f12ed3e5e2a63d99d390f85ab83af459941240cbb0f082c6156487862c9ff8ae479dcfce6fddef527527d957d246398494c42bd0803056098408d2744
-
SSDEEP
3072:yIs80ULUxUa8FDSKc45xUh/wKsRNwD0kHRoqVi2rhTJNam5zpP4XqAtIVVtNlNmF:7LUCa8FDbtUhB8wNHVi2dpgaUIVdrjc
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
nome
C2
156.194.36.245:2222
Mutex
1499027d09d62b89641965a197fd8f73
Attributes
-
reg_key
1499027d09d62b89641965a197fd8f73
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a83cd6897dfe7fac71627c1f9668386d_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections