General
-
Target
d2b6c3f19a678b8829ab876aefa2e6b2_JaffaCakes118
-
Size
31KB
-
MD5
d2b6c3f19a678b8829ab876aefa2e6b2
-
SHA1
b6213d238f9c6210c4999d766dcb19f436102f9c
-
SHA256
1e4cda70b68ba9332bb5304954a54179c9123d42b20cf85a5be7148b14decd04
-
SHA512
02cd029adb888a9d63c79abbad0cad22c18369b360b34564ff99643085fe81bf2646e3e2004ec0048bb88563ffd7bee1f7023c6437c8780f868a68cd6aa74373
-
SSDEEP
768:CNA5LgJZLrGzxhucORKqnzhvv6XQmIDUu0tiH+0j:PUKAxREQVkizj
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
BorMek
C2
zelenui.gotdns.ch:7777
Mutex
7aceb3d4044544cd50d890b7300bc670
Attributes
-
reg_key
7aceb3d4044544cd50d890b7300bc670
-
splitter
Y262SUCZ4UJJ
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
d2b6c3f19a678b8829ab876aefa2e6b2_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections