General

  • Target

    15eefc6f36908fb2b9f889f7e726660e_JaffaCakes118

  • Size

    103KB

  • MD5

    15eefc6f36908fb2b9f889f7e726660e

  • SHA1

    b9591e5570bd17b8e03fcfb76ac10450d0e15ba5

  • SHA256

    b5d2b1c680bfe8463e508d45ae7a0005705c5f02c753f354390f929c4fd31e9e

  • SHA512

    1ab07292c3035be937e2ed4c4e77f83bfddbebd558a9d0d5ce1b72e14d39ac8151e2b48a75451ba3fe0e1e569f3a78e03fe04472f28b7a2822fb95f56b2387d7

  • SSDEEP

    768:9bRNRMGmRVUFuNrM+rMRa8NucatzFSn2G:9bRN29VUw2+gRJNvE

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

ValPer PROTECT

C2

192.168.0.103:1177

Mutex

45e516a2514ecdb988d366d41acc6e1d

Attributes
  • reg_key

    45e516a2514ecdb988d366d41acc6e1d

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 15eefc6f36908fb2b9f889f7e726660e_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

