General
-
Target
JaffaCakes118_68d7870f67c59bbb9c6f15b133fa7aa0
-
Size
29KB
-
MD5
68d7870f67c59bbb9c6f15b133fa7aa0
-
SHA1
47b5194479e23eac1eeb8f3e7d7a8e5d169bbf67
-
SHA256
67e264109c4d2f3614a330d5d9bab8d281ad5b3db06c6994d80ed40df3f7b5a3
-
SHA512
3c2309ac2fe66899c257525c6b6fb8d0ef61f29f114c290c82d5b7009e9398f03cffafae7f14045bf7e746426cad5bf71805a1f81c204a05fa2864212378ef0e
-
SSDEEP
384:LPqvANl7TxTD+VF2dbofPauxnaIuN15708COmqDk9jeHqGBsbh0w4wlAokw9Ohgt:Qu75oa4fuTC8cqojeVBKh0p29SgRoG
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.6.4
Botnet
big liker
C2
weldtn.no-ip.biz:1177
Mutex
90480ec0be14f6221b63d9107a2dd7d8
Attributes
-
reg_key
90480ec0be14f6221b63d9107a2dd7d8
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
JaffaCakes118_68d7870f67c59bbb9c6f15b133fa7aa0
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections