formbook | d93db44add0a1601472c9367293d29af274a2dca1bf9ef4c0829755000c3c37f[.]zip

General

Target

d93db44add0a1601472c9367293d29af274a2dca1bf9ef4c0829755000c3c37f.zip
Size

135KB
MD5

2213467800288e7d73f32f7b36f04842
SHA1

c79c2392d483aafdc9f85c4e6c817aaf7412c297
SHA256

2dda4237383e332273ef835e499f7f12b3b7fd9326ec6a3a945c773284abb0ad
SHA512

afa055f61fa3209bc8d5dd0685f2d224b68d61603142266e195a1762005c9167af1597c80f7db3281242e77766b659f8b7ae71f547c7271fe409a61efe35e493
SSDEEP

3072:87cDktepBrAf+IwOcDmOWvvxo1YhlPD1TtUEdtaqk5Z+uGaxnwDrZ+:al8BrAbwlDMR7PMEud5Z+taxnwDrZ+

Score

10^/10

rat qsqm formbook

Malware Config

Extracted

Family

formbook

Campaign

qsqm

Decoy

gYI8BO7T7BQOBw==

5kKpX8NHT4cITCAOEkMYvi5HiMZ5

oq5lCVwFY9KNJipM

OiTOjWhDMXBf8H9o79k=

rSDHx5jqNn3Sz/LND/0G

ob6FSUE4NYUi5Iqg1YGfMg==

fI5oMbAC5EAeerSKKRM2PjF7TYJh

lmWieqE8QHg=

yLxwFWm+rbCJXqE=

MyY9R8VCSaAtEJY2MdHAXKY=

WYA53Ezjh808

EPu6bfMPNJUh

upyUkeqQ6B/FJyq2PCiwnZf/

RvN3e2hDLJQmo9qtZTVoRmPi

hZhWEObjh808

K1gowrFsO5p0UchTUEVoRmPi

7hXPaZ6i+F7o2L8OCCyhNA==

bIp+E/xrSG9QHA==

+EPrJAdvSG9QHA==

METFhoRGH1sBBWhAbA==

Signatures

Formbook family
formbook

Files

d93db44add0a1601472c9367293d29af274a2dca1bf9ef4c0829755000c3c37f.zip
.zip

Password: infected
d93db44add0a1601472c9367293d29af274a2dca1bf9ef4c0829755000c3c37f.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 179KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: infected

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 179KB - Virtual size: 180KB

.text
Size: 179KB - Virtual size: 180KB