General
-
Target
d5ef4908d73f1258311f9775e500b53a_JaffaCakes118
-
Size
29KB
-
MD5
d5ef4908d73f1258311f9775e500b53a
-
SHA1
73306ad9b2e7a8683cfeebad89b66e97f2e9bbd2
-
SHA256
66d18cdee8166925c8f04fe2635bfdf9549765db7dd5c8bcee6f7a282bf60720
-
SHA512
1910e29d7842bee31bcae2a13c8442361a909cb3586ce005ee77f74903e3c68095c51a9049e9975868e639bab2ee95d41924827d63ebaa7353cf0fac0e42b332
-
SSDEEP
768:beu75oa4fu124AqFjXeJBKh0p29SgRwS:H75CPkj8KhG29jwS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.6.4
Botnet
victom
C2
sphack7.no-ip.biz:1177
Mutex
46d93431630fc8e404fed7204e708738
Attributes
-
reg_key
46d93431630fc8e404fed7204e708738
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
d5ef4908d73f1258311f9775e500b53a_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections