njrat | JaffaCakes118_6af84c6ea301a88e3c227d03fdf23b50 | Triage

Sharing

General

Target

JaffaCakes118_6af84c6ea301a88e3c227d03fdf23b50
Size

220KB
MD5

6af84c6ea301a88e3c227d03fdf23b50
SHA1

59579afd9b796a855c8ab267ee43511f4b0ae769
SHA256

c1f518a64de038f24d61d5a4371057ae4f44918f7d9a6d4ee3333a20066d8570
SHA512

6b2786ef7f1c62de0e83f295a1744fa54ca6ad9fb93de0eacde0ea095e4d003be0119181cfcc8b2e943c597d09fa62c431a4fe5ea99f3792a1c16ecf7e0191fc
SSDEEP

6144:wruyWhVN2E7XGydhWSWOXzbam6MGiZ7Kj9/CKaNpftnNW89:wKfhvhLGQhpza26RCZrVJ

Score

10^/10

njrat

Malware Config

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tarikh‮gpj..Scr

Files

JaffaCakes118_6af84c6ea301a88e3c227d03fdf23b50
.rar
1e.JPG
.jpg
2e.JPG
.jpg
tarikh‮gpj..Scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ