General
-
Target
c1e0e83e1bc216ab0a7e7ef9965adb50_JaffaCakes118
-
Size
43KB
-
MD5
c1e0e83e1bc216ab0a7e7ef9965adb50
-
SHA1
f94c68079c95a5f8d6bb9fa6a84de9411f62c5b1
-
SHA256
4e711fcb1feb9d053cd3bc9f4133903addb11cd6e847e878c747de9051aaff33
-
SHA512
86a5a52e7d9a2584498556a85cc336cd82a3babee378ce2c427eaf343b61daa5f44666d78004bedc47dd5b1fe743e01cb30087907d43199494a2cf7af30b67b0
-
SSDEEP
384:/ZyLivHn1iDcsyEqtBfQEGCOEhGyOEtzcIij+ZsNO3PlpJKkkjh/TzF7pWnQYgra:BFHnU4pEqtNQE5SyZuXQ/oB8+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
alexey
C2
127.0.0.1:5552
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c1e0e83e1bc216ab0a7e7ef9965adb50_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections