General
-
Target
f042366cad6e25bfcdd7bfba2e8ad2ec_JaffaCakes118
-
Size
43KB
-
MD5
f042366cad6e25bfcdd7bfba2e8ad2ec
-
SHA1
4e13c7cc2acd47a6512a6ed034f8f01c37e7fa7e
-
SHA256
ceb9e95f88b3203cc95a537d2c2a64e66a2100ab839ec490abafeff237e6ef97
-
SHA512
094d432325267a94bbf548fd24a67f1132e28b7bf75ac5fe11dc5569c56df1fd4c25238dddda826e648f9ed594f15bf8136f18ae91bf3c0d26e82a28e26eab0a
-
SSDEEP
384:kHZyT36Nkli0yizcpSQOWpeMVOaEnxqzVmzkIij+ZsNO3PlpJKkkjh/TzF7pWnq5:k5R6ABiopSQOWpeeOxMiuXQ/onUM+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
???? 10 ??? ??????
C2
0.tcp.ngrok.io:17050
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
f042366cad6e25bfcdd7bfba2e8ad2ec_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections