General

  • Target

    ff70095137235f6ca0adde65cf76d52b_JaffaCakes118

  • Size

    25KB

  • MD5

    ff70095137235f6ca0adde65cf76d52b

  • SHA1

    6d58603b98c1e5ff21a65c8db1d9a76363c37b26

  • SHA256

    91aeac27a8ca345eaa6926aecaf8868888d5b14e1164b54d3c57fec6aedef22e

  • SHA512

    4a526b173eb3b78580962be6c11792b8fc84a2d9fcc5d680b9ab92f5c00c65f0ca307f2c878778194e80b30683c3f738ff5e12e8cab5d6aeeacefc3535f626aa

  • SSDEEP

    384:bc6CqbFYh3odrVCGiHssDB4b6i6fgpEupNXRmRvR6JZlbw8hqIusZzZ2KXNek+vD:AIU0tw3RpcnuW

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Madest 0.7d

Botnet

Microsoft

C2

kirya.hopto.org:1604

Mutex

3b0993c80a0a836b6ed4d0b2940db392

Attributes
  • reg_key

    3b0993c80a0a836b6ed4d0b2940db392

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ff70095137235f6ca0adde65cf76d52b_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

