General
-
Target
a298597d41621d8b4e4be26a07f6a455_JaffaCakes118
-
Size
37KB
-
MD5
a298597d41621d8b4e4be26a07f6a455
-
SHA1
700cb93ebe3aa96024140b5298a60cb91319c0d8
-
SHA256
207c13ebba8fff7feb175a9ea7cd130b3030569ed39de10032673a69f0a6b990
-
SHA512
a3857b7414ca37451d0b6191af1362c6f075b0b8f128724f9dcd52ce3df22ccf4c740a65c6ee5e676bcf6bafcf2f6bad7f0b2d0e2831606dd440e0b3da407c4c
-
SSDEEP
384:M/YIiu7jtD+P3V+y0bBEFYt3vys2wSDrAF+rMRTyN/0L+EcoinblneHQM3epzXML:cdmV10bBEFYt6dwErM+rMRa8NuCZt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
mish305.hopto.org:1177
Mutex
0634b875e66c73f132e55eb1e2e98eb1
Attributes
-
reg_key
0634b875e66c73f132e55eb1e2e98eb1
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a298597d41621d8b4e4be26a07f6a455_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections