General
-
Target
fa1c69db99f7406b5b5be5994a2ecc38_JaffaCakes118
-
Size
37KB
-
MD5
fa1c69db99f7406b5b5be5994a2ecc38
-
SHA1
e475f356996dd2919400bada54975aee4d22c4b8
-
SHA256
6cb0c6c55411375878184fba0feeee93c99c7f184818449e548ef875486ec38a
-
SHA512
cb4ad11b56e3a93e157cbba007fcb60f886f7f1c65959650d51d4676efa3d2378100652d7feb249c9fe8de624a8e1ed66dabeffa4be1b52b15f729d4ffa65917
-
SSDEEP
384:s19pkitgZf5W9cTYXyc/yK5M4azfzQnssIkLrAF+rMRTyN/0L+EcoinblneHQM3u:oijjTYic/yKqcssIWrM+rMRa8NuB9t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
zdzdzdzd.kro.kr:1
Mutex
fdb6a2048ccd0ff51cb30e142e8611b4
Attributes
-
reg_key
fdb6a2048ccd0ff51cb30e142e8611b4
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
fa1c69db99f7406b5b5be5994a2ecc38_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections