General

  • Target

    1232f23a6928a1f33a3b02fa3ed25950_JaffaCakes118

  • Size

    23KB

  • MD5

    1232f23a6928a1f33a3b02fa3ed25950

  • SHA1

    7189c63728d3c523424cbe2cfc3edd341effd3c9

  • SHA256

    c077c3622a982da88651820ac9d01abb5985a645584cae161ddf19115821e67a

  • SHA512

    da508e332fbd507a9562a66a3d9d2c652591877402d50e7504d2cd775977d6fda08e389ae4d46e2173650d81e7473b8896abe5014ea7498969d44c804d73d890

  • SSDEEP

    384:40jeCIYTNQZUuQnJXJeCXlwhPQ6VgDOwBHhdmRvR6JZlbw8hqIusZzZ4W:/3jNAU/ZVX6RpcnuA

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Runtime Boker

C2

qgoldtnt.ddns.net:1177

Mutex

e32abd1bd2a8f5b2eeaa4fb87ed1123c

Attributes
  • reg_key

    e32abd1bd2a8f5b2eeaa4fb87ed1123c

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1232f23a6928a1f33a3b02fa3ed25950_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

