General
-
Target
492cdcbaabfdbcab9496a10bf2ca3850_JaffaCakes118
-
Size
23KB
-
MD5
492cdcbaabfdbcab9496a10bf2ca3850
-
SHA1
c3b730d7cc7aa5b5a5fe8b28611c20d473d3bfda
-
SHA256
29da87bcd8a61a8d882dff26985eba032d678212e292ca35da18079dee1823a6
-
SHA512
ffe49f75e5d37ab540db6ca217eeb0d74c7401ed90ee69336988b30c84ac282e69816369cec0b0037e83846e8a8eb0bb4d5e62c497a7d50517605661bcc791bc
-
SSDEEP
384:PQ+ILgIbOprgPsUOSU0kB1kd6dg7GYh/JomRvR6JZlbw8hqIusZzZWD:CLL6MVU0NRpcnur
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Monday
C2
185.84.181.89:8280
Mutex
9f53e3d1d8f1ed7f25c1ca7097e17bb7
Attributes
-
reg_key
9f53e3d1d8f1ed7f25c1ca7097e17bb7
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
492cdcbaabfdbcab9496a10bf2ca3850_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections