General
-
Target
JaffaCakes118_f8333a5ed0e285bec1e3a5530e14f063fd01e98584498c9f82351b670831b47d
-
Size
136KB
-
MD5
c6ccc7f2cd35af8acc1e5fd9a82e3f76
-
SHA1
55f8cd19286be1f26441b8a1a3917b0771b7207c
-
SHA256
f8333a5ed0e285bec1e3a5530e14f063fd01e98584498c9f82351b670831b47d
-
SHA512
0e5cd488811f99e49d85e1f48db8a20b02c4e150973cf75cc706fc0f6d12114f30b1e325c206acdabc3941dece30e689e00f5610615b2e209c21772a1982048e
-
SSDEEP
768:J+P5TZ38fhCVz0tGxrM+rMRa8NuxintVJGX1LwB7iwQYXoAi2HhcM:J4TZsJCVz0Ai+gRJNoigX
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
4.tcp.eu.ngrok.io:17275
Mutex
79fd7f8597e22b0028e3aa50a7a04325
Attributes
-
reg_key
79fd7f8597e22b0028e3aa50a7a04325
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
JaffaCakes118_f8333a5ed0e285bec1e3a5530e14f063fd01e98584498c9f82351b670831b47d
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections