Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    29-12-2024 04:38

General

  • Target

    JaffaCakes118_df5ebbad9519fa2798d3b51475d41c4938d1f44e9a8da641309439d70ebca49e.exe

  • Size

    360KB

  • MD5

    d6e41628c299e5a2304c98afb44a395e

  • SHA1

    bceae45ec34d6b9e4d5aef2fcf123a9e95576107

  • SHA256

    df5ebbad9519fa2798d3b51475d41c4938d1f44e9a8da641309439d70ebca49e

  • SHA512

    56d4d84354dc072d0fe9e5f87fc20fb008f7c01de608cf1d518e4cf121f3529f42337f1a0d51af4a70541c7cecec2053e9e1230494f1bb8d8441e544bbc02543

  • SSDEEP

    6144:xGTt0vRMwEStKSVkn5hb7u4Ut2FHigrCBAYNDj6JSLH3:0t0vRMwEStS5VKuZJYmSj

Score
10/10

Malware Config

Signatures

  • Njrat family
  • njRAT/Bladabindi

    Widely used RAT written in .NET.

  • Core1 .NET packer (1 IoC)

    Detects packer/loader used by .NET malware.

Processes

  • C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_df5ebbad9519fa2798d3b51475d41c4938d1f44e9a8da641309439d70ebca49e.exe
    "C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_df5ebbad9519fa2798d3b51475d41c4938d1f44e9a8da641309439d70ebca49e.exe"
      PID:3472

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/3472-0-0x00007FFA20943000-0x00007FFA20945000-memory.dmp

      Filesize

      8KB

    • memory/3472-1-0x00000000000A0000-0x00000000000FA000-memory.dmp

      Filesize

      360KB