General
-
Target
JaffaCakes118_6ba49d5b29f7ba65c993ac2f74aea3a0
-
Size
24KB
-
MD5
6ba49d5b29f7ba65c993ac2f74aea3a0
-
SHA1
9f2d81787c6079f3975fc3f8b02af5d3b6a47366
-
SHA256
58ad1f651e494e01292fb3e48ff201d6af72c0799d4b35039bc043e8508ece24
-
SHA512
5adb38d421eb11297b13bd0253b7fc68bc0c1b229a6e465dbf2605830b97962790ced9c3bba56232e89ef97dfc03a8c85c312b64b927dbd1b6e0250938faf896
-
SSDEEP
384:sV8aZYC9twBNdcvFaly2H0ddJo6HghcASEJqc/VmRvR6JZlbw8hqIusZzZ05:sdY+sNKqNHVSpRpcnuP
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
alkhorsan
C2
alkh20.no-ip.biz:5552
Mutex
5dfe2a067fbafa81027f748f2ef71a80
Attributes
-
reg_key
5dfe2a067fbafa81027f748f2ef71a80
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
JaffaCakes118_6ba49d5b29f7ba65c993ac2f74aea3a0
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections