General

  • Target

    1024e336a508c30590d1224dc6a93e0a_JaffaCakes118

  • Size

    23KB

  • MD5

    1024e336a508c30590d1224dc6a93e0a

  • SHA1

    f4888190ebba6f79f1fd7f80cddbbbda0407bcc8

  • SHA256

    c8aa986f062e9c93831663869e4dbad037be4acdf7eef50b8cdafeb0f01b2072

  • SHA512

    393e4fa0c13773a8ce49afead12229f51ef79075c14da3a269f93d7fe81bb57cc37babccb9f05729472971623d3769899d0241f549de59a584ea17154e3a40bb

  • SSDEEP

    384:bMKFYuEEhERvoBG16Xuy0MHNw6Tg1Y+75JTFmRvR6JZlbw8hqIusZzZT1:wW4V6+yDRpcnu+

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

GENRAM MOTO

C2

milla.publicvm.com:1177

Mutex

c1e444094e4e1836ba8400b3d476c9ef

Attributes
  • reg_key

    c1e444094e4e1836ba8400b3d476c9ef

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1024e336a508c30590d1224dc6a93e0a_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

