formbook | d93db44add0a1601472c9367293d29af274a2dca1bf9ef4c0829755000c3c37f[.]zip

General

Target

d93db44add0a1601472c9367293d29af274a2dca1bf9ef4c0829755000c3c37f.zip
Size

135KB
MD5

7822b76ffb942bf896b4689d856b42df
SHA1

49f9319f39026e16ceda5d22dc9150f81c81ffd1
SHA256

0dafafc475ef59bef847dac69735c3325b03ce2e1d21969cc5a3445372e0aa73
SHA512

0d2c748053937a1555baf8d29e0ba4df1a216ed60020cc7e253333bf441ce2ed73481e757f9726db398818528180dd278a89c9d80c5c48f25f67cd6a374ad592
SSDEEP

3072:y0cKEYdF44RM1nBNUcHYqEJLpNWLrb7VS2yYLR8dTByy12CpW:3/WJTNYqE1410VpW

Score

10^/10

rat qsqm formbook

Malware Config

Extracted

Family

formbook

Campaign

qsqm

Decoy

gYI8BO7T7BQOBw==

5kKpX8NHT4cITCAOEkMYvi5HiMZ5

oq5lCVwFY9KNJipM

OiTOjWhDMXBf8H9o79k=

rSDHx5jqNn3Sz/LND/0G

ob6FSUE4NYUi5Iqg1YGfMg==

fI5oMbAC5EAeerSKKRM2PjF7TYJh

lmWieqE8QHg=

yLxwFWm+rbCJXqE=

MyY9R8VCSaAtEJY2MdHAXKY=

WYA53Ezjh808

EPu6bfMPNJUh

upyUkeqQ6B/FJyq2PCiwnZf/

RvN3e2hDLJQmo9qtZTVoRmPi

hZhWEObjh808

K1gowrFsO5p0UchTUEVoRmPi

7hXPaZ6i+F7o2L8OCCyhNA==

bIp+E/xrSG9QHA==

+EPrJAdvSG9QHA==

METFhoRGH1sBBWhAbA==

Signatures

Formbook family
formbook

Files

d93db44add0a1601472c9367293d29af274a2dca1bf9ef4c0829755000c3c37f.zip
.zip

Password: infected
d93db44add0a1601472c9367293d29af274a2dca1bf9ef4c0829755000c3c37f.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 179KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: infected

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 179KB - Virtual size: 180KB

.text
Size: 179KB - Virtual size: 180KB