Overview

overview

10

Static

static

10

b653df979d...18.exe

windows7-x64

10

b653df979d...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    b653df979dca9698cdda1b9984cc6750_JaffaCakes118

  • Size

    23KB

  • MD5

    b653df979dca9698cdda1b9984cc6750

  • SHA1

    c71fc0ef02f0d7bba52d2535b371bc6dd950b9f3

  • SHA256

    fd1d9a0bdcb2a7efb0fb761b303741cd262e10279b2d26c87be5b9bcd2c435f9

  • SHA512

    a62333941b1f752778f2e9211b63a97c42383f990f5389ceeacfe0240bbf88a81716609006d39345b407cddc505b277f5fb7a134836ab9f5a0fd070c41a7f876

  • SSDEEP

    384:hpMKFYuEEhERvoBG16Xuy0MHNw6Tg1Y+75JTFmRvR6JZlbw8hqIusZzZhP:hCW4V6+yDRpcnuq

Score
10/10
shadow-znjrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

SHADOW-Z

C2

steam008.ddns.net:255

Mutex

4719599c6e49aad91cb3f7978e53123b

Attributes
  • reg_key

    4719599c6e49aad91cb3f7978e53123b

  • splitter

    |'|'|

Signatures

  • Njrat family
    njrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • b653df979dca9698cdda1b9984cc6750_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections