General
-
Target
ea1573a7a1a4e721d214ac535c15d263_JaffaCakes118
-
Size
23KB
-
MD5
ea1573a7a1a4e721d214ac535c15d263
-
SHA1
b99268fe0aa74e94a57676b99accb6cdcb880855
-
SHA256
bbbd41df9ee8363af5927a1b8f8b6d373edc69b34069c3a1ff0e5696138a290d
-
SHA512
b5050a6669d74e380a1ff5dce1669a476779e6373d60153d7ae62edc5276c7ccc2718841e6fe4864fa84948c157938ed9d774643dd40db97cac5c58e6ccd2d54
-
SSDEEP
384:SI2SUwXh0ZbAzlRGCvkodj46hgHK0hrVdmRvR6JZlbw8hqIusZzZ9H:1bhEkdvbRpcnu2
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Diethylzink
C2
185.65.135.254:26130
Mutex
6672c70fe787f74f25e3a939a215c79a
Attributes
-
reg_key
6672c70fe787f74f25e3a939a215c79a
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ea1573a7a1a4e721d214ac535c15d263_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections