General
-
Target
b1b4b125e4ad60e6302928016a7a78fb_JaffaCakes118
-
Size
23KB
-
MD5
b1b4b125e4ad60e6302928016a7a78fb
-
SHA1
4a3a7e9eb12ec0dae41f588f2e3672010b76c5dc
-
SHA256
3e55ae393b491a130a5e30e384a1169a4e14d99aa9331843454bbfde0ffa470f
-
SHA512
3597931d1936074af803250c969ddb6127429cf49652f494bac430302a0c9b440aacf89b54d6fd45ecb0707561a5721d78b5c76ac17c5012de750c222dcdb626
-
SSDEEP
384:RYaZYC9tSBn6t3emiO060gDVQ6HghQSFJ7tmRvR6JZlbw8hqIusZzZnw:tY+q/mlHPRpcnuT
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Hallaj PRO Rat [Fixed]
Botnet
0
C2
mscompany.dynu.com:50001
Mutex
be63db5aab751ce38c3932816d79a30d
Attributes
-
reg_key
be63db5aab751ce38c3932816d79a30d
-
splitter
boolLove
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
b1b4b125e4ad60e6302928016a7a78fb_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections