General

  • Target

    c87001299a6b8f5e31816b5fe5689f77_JaffaCakes118

  • Size

    43KB

  • MD5

    c87001299a6b8f5e31816b5fe5689f77

  • SHA1

    0f9dd0039bd8e59f153b9fee598f97eb21e0677c

  • SHA256

    1788872a46f28d6e1593df23c4502bc5834b9f41f9e544b74848aea6913939ba

  • SHA512

    bcbd0f94f17f60a9ab894077f23afe165a423abcc046e6edcc58860b8fbe01b47f221749a6af630abdab06443388986667639075e724ace7f82a627078ee97ba

  • SSDEEP

    384:2Zy0KNUst+3gUy6L7nCCCE8b9JszQIij+ZsNO3PlpJKkkjh/TzF7pWnL0greT0pe:s8wQh6PnlWbuuXQ/oCQ+L

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

dolbaeb@

C2

aronakich.ddns.net:5552

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • c87001299a6b8f5e31816b5fe5689f77_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

