General
-
Target
dfe2d5875430a2be8770c107cb498c5a_JaffaCakes118
-
Size
29KB
-
MD5
dfe2d5875430a2be8770c107cb498c5a
-
SHA1
192dc77cc380a325fa69a174fbfea3a22098b7ff
-
SHA256
fe961315a1016baff3ae29fea9a134a03f83ba420950feae0af5fdac69d9d7e6
-
SHA512
9d99fbeb27d8be43b6b99bd96daaa7743934d2ea576cdff02706df4c3abfa4e06b82022eeb2634ae4f3ea858ada2222ede0898ff388695a3cc1d7f3e24af6655
-
SSDEEP
384:NDos5l7l7EMrof6oyr/5NxrimmqDWD4IePUGBsbh0w4wlAokw9OhgOL1vYRGOZzI:N77GMroynbprsq04IePBKh0p29SgRnw
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.6.4
Botnet
C2
hakrbatna.hopto.org:1177
Mutex
55b3825ee39ada2fcddf7c7accbde69e
Attributes
-
reg_key
55b3825ee39ada2fcddf7c7accbde69e
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
dfe2d5875430a2be8770c107cb498c5a_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections