General

  • Target

    JaffaCakes118_6286ed7aad5e4b8983d3e206e54e2580

  • Size

    29KB

  • MD5

    6286ed7aad5e4b8983d3e206e54e2580

  • SHA1

    e209c4e0a1ebb255c177ceab9e7ddf672d1efa25

  • SHA256

    e01677d070a0ac690ef172cefbbe58608f6f08efd0373093dc92f5ee85bbe174

  • SHA512

    1c3e6e4dccf3d2a0ed6e1ca240e14ef932dc7942b9f3dfcf0635c81fb3e78a6bc40a819480d10c7e12f05dd28c1fb3b75166aee31740a8a7916b485401e85e3c

  • SSDEEP

    384:rjwIpl79TbsiKQ17H5FoQriWmqDGbLTecEGBsbh0w4wlAokw9OhgOL1vYRGOZzsu:z7tsiKojBr8q63TeWBKh0p29SgRe0

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

Server Name

C2

raul-amen.no-ip.biz:1177

Mutex

55b3825ee39ada2fcddf7c7accbde69e

Attributes
  • reg_key

    55b3825ee39ada2fcddf7c7accbde69e

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_6286ed7aad5e4b8983d3e206e54e2580
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

