Behavioral task: behavioral1
Sample: 1024e336a508c30590d1224dc6a93e0a_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: 1024e336a508c30590d1224dc6a93e0a_JaffaCakes118.exe
Resource: win10v2004-20240730-en

General
Target: 1024e336a508c30590d1224dc6a93e0a_JaffaCakes118
Size: 23KB
MD5: 1024e336a508c30590d1224dc6a93e0a
SHA1: f4888190ebba6f79f1fd7f80cddbbbda0407bcc8
SHA256: c8aa986f062e9c93831663869e4dbad037be4acdf7eef50b8cdafeb0f01b2072
SHA512: 393e4fa0c13773a8ce49afead12229f51ef79075c14da3a269f93d7fe81bb57cc37babccb9f05729472971623d3769899d0241f549de59a584ea17154e3a40bb
SSDEEP: 384:bMKFYuEEhERvoBG16Xuy0MHNw6Tg1Y+75JTFmRvR6JZlbw8hqIusZzZT1:wW4V6+yDRpcnu+

Malware Config
Extracted
njrat
0.7d
GENRAM MOTO
milla.publicvm.com:1177
c1e444094e4e1836ba8400b3d476c9ef
reg_key: c1e444094e4e1836ba8400b3d476c9ef
splitter: |'|'|

Signatures
- Njrat family
- Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1024e336a508c30590d1224dc6a93e0a_JaffaCakes118
Files
- 1024e336a508c30590d1224dc6a93e0a_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ