formbook | ea2bca0128d9498a9905b3408ceb8edecefbc96891ae4bf4403739d21fc98c52[.]exe

General

Target

ea2bca0128d9498a9905b3408ceb8edecefbc96891ae4bf4403739d21fc98c52.exe
Size

181KB
MD5

f1d020cd788584ca82dd0b8c66fdf85d
SHA1

6119d960a91417bfd814400287d9237308de579c
SHA256

ea2bca0128d9498a9905b3408ceb8edecefbc96891ae4bf4403739d21fc98c52
SHA512

b1db45b15ff3505d9b4b3118400695375678da624fd5e3687af59738e347eebb935e5071b1f6062f981d2115fda4203da8060a3e0086d43a7bbbdf4390929bd3
SSDEEP

3072:6BfukkpsKtV73CliVM5Zal1ZGjAtvsGk/XpwM0yjZzHPoz:RHTCkSZal1ZGiUGSZzHPoz

Score

10^/10

rat cx01 formbook

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

cx01

Decoy

appskul.com

acasascbcenter.com

dististicks.com

ipsmagen.com

car-leasing-54007.com

elboshari-tradeinvestment.info

5777757777.com

brequx.online

kjds11171.top

jgaytfiz3.xyz

guvenceoyunevi.com

ccpandashare.com

alineacustomhomes.com

bwoywonderkids.com

lazersec.com

gewirgq1uw.xyz

aimappq.info

grandcoeur2007.com

giuseppedematolasax.com

aus-anzhelp.com

Signatures

Formbook family
formbook

Formbook payload 1 IoCs

rat

resource	yara_rule
sample	formbook

Files

ea2bca0128d9498a9905b3408ceb8edecefbc96891ae4bf4403739d21fc98c52.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB