General
-
Target
f25337847f809c4cf5ea24a4a9af0c51_JaffaCakes118
-
Size
23KB
-
MD5
f25337847f809c4cf5ea24a4a9af0c51
-
SHA1
8a5990ef0d9f488eb4cb4eb1c636f7819f155a3f
-
SHA256
33004fa7af4e98bde177120ac7e8513ade349c988d24e3606cea70f9c75a704b
-
SHA512
96e7da791365008198458fc372cf9d906c13245452c18ad3857abea6fa88e8451f10331e79bb32f130f02bbf11e63085210f791456fff9b3fc17827148fecc2f
-
SSDEEP
384:uPsqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5DVmRvR6JZlbw8hqIusZzZkA:uEf65K2Yf1jKRpcnuu
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
ddns.gotdns.ch:1271
Mutex
1ebf16c60cc0fe167d260b54d95fafe4
Attributes
-
reg_key
1ebf16c60cc0fe167d260b54d95fafe4
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
f25337847f809c4cf5ea24a4a9af0c51_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections