Behavioral task
behavioral1
Sample
322172242f755abaa396aa21be344219_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
322172242f755abaa396aa21be344219_JaffaCakes118.exe
Resource
win10v2004-20240730-en
General
-
Target
322172242f755abaa396aa21be344219_JaffaCakes118
-
Size
32KB
-
MD5
322172242f755abaa396aa21be344219
-
SHA1
4c24c2726672197c30768e27a76e3b660a21e4c5
-
SHA256
87902fd490b189d4ceb81a430fd47d852bf503f373c6ff3caa70a80a9c7d56c6
-
SHA512
ea28cc3d173eae6718f7008e54f9690579f57c45a6b4ba17ee7b72b41cf5c7c0c17695c1529f1d54b04c739b91479429f57d5837d4d88edcd57965eb93b5bfdb
-
SSDEEP
384:CgcYjokkFaOKzsiIyr0NNgnnhFPIS2TQIDlDfodg9TdFpyFEIGsJjwE7UMcrie4Y:5cl/fyr0UTYxouDbEEIGfRNU+f
Malware Config
Extracted
njrat
Hacked By HiDDen PerSOn
a895300ed0d29139b7cc1f693aa150b9
-
reg_key
a895300ed0d29139b7cc1f693aa150b9
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 322172242f755abaa396aa21be344219_JaffaCakes118
Files
-
322172242f755abaa396aa21be344219_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ