General

  • Target

    4f867450f22f31b30de2968e8db80480_JaffaCakes118

  • Size

    2.1MB

  • Sample

    241016-2477ys1hqn

  • MD5

    4f867450f22f31b30de2968e8db80480

  • SHA1

    89e3047f9035cf6e8a54cc7dd28d3a7892a0c048

  • SHA256

    ad9030b1853f073f4e33a25053e216b386b9c03dce2d501f568fc56095b2ac8c

  • SHA512

    635f4c10f90585654143013fd1b0d6dfb9e6b122e8b6bbefb15202ed487aa61b4182438728582e887a00d7e7205f9f32f9b3875864e6ca0cfa9acfb130753908

  • SSDEEP

    24576:06oCmOgMLDIAi8jCICbLMsHc/oiT85CK7ZIST7:AAPoicF7

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    YYY

  • Attributes

    • splitter

      |'|'|

Targets

    • Target

      4f867450f22f31b30de2968e8db80480_JaffaCakes118

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks