General
-
Target
a3abd17cb3e85d95ecde5a090a798eb6_JaffaCakes118
-
Size
37KB
-
MD5
a3abd17cb3e85d95ecde5a090a798eb6
-
SHA1
501a1f00ce9ba81525c911cb20e12747e67e2f0e
-
SHA256
4370b822a679312503af2be2babed7f50ab4603c0e0f9894f37071b746e2ae3f
-
SHA512
bc0214fdfa6a51eba773b9d71baf92504a50d76d695713bf422ea4217ae74751230172bf835fb8a32ad28c06b86b8bdd3f8a9351e0ff9d0a3d201a9b239f92ce
-
SSDEEP
384:M/YIiu7jtD+P3V+y0bBEFYt3vys2wSDrAF+rMRTyN/0L+EcoinblneHQM3epzXML:cdmV10bBEFYt6dwErM+rMRa8NuCZt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
mish305.hopto.org:1177
Mutex
0634b875e66c73f132e55eb1e2e98eb1
Attributes
-
reg_key
0634b875e66c73f132e55eb1e2e98eb1
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a3abd17cb3e85d95ecde5a090a798eb6_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections