General
-
Target
7ce38ca1af6a85849b900bb467e35da4_JaffaCakes118
-
Size
31KB
-
MD5
7ce38ca1af6a85849b900bb467e35da4
-
SHA1
45b5279f25ea7866b12bf9e02caf88dd8eba0629
-
SHA256
edc6b8ca1076f0c004d7873f4079b4ba8f8a4f35c47c2baadca8e5ac48a91100
-
SHA512
00db955af5530aa8e0eb0bb0cd4062c2aa4b5833b47678ceb26f1d440bfc7045f536888b525fd1879ad809943a99a0d4365101cb4e5e364ed809771086ded0ad
-
SSDEEP
768:s5Ve4vSNzj9REzxv6/v5H3QI8tvaGQmIDUu0tikKj:cv4zq9JlQVkaj
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HACK CROSSFIRE
C2
snowgato.duckdns.org:1177
Mutex
d1bdedbb684e4a7e51ad819088373ddd
Attributes
-
reg_key
d1bdedbb684e4a7e51ad819088373ddd
-
splitter
Y262SUCZ4UJJ
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
7ce38ca1af6a85849b900bb467e35da4_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections