Static task
static1
2 signatures
General
-
Target
888_dump
-
Size
200KB
-
MD5
331e7d501ee8eede0b9339c1e4b6ad6c
-
SHA1
b708cbd80e2376797e07bc5aff3cb2ac94d885ab
-
SHA256
f789b3cae6c67257f13858bbf6ae249c45971df09625014aafa70ed2ad8f85e9
-
SHA512
6bde5d6e1ad9bd6fcecc8fd8b99badbc9ad7a4863321c11d92ffe33747776854834cdf047129b8e16ab7fe917be42482c99defcea50a135ab687698360d27cac
-
SSDEEP
3072:AMazlLD8lfrarEju5gHchPNvOalDY8JAf4lTKrdZqrs0:wJ8tr8aHMvOafGyWYs0
Score
10/10
Malware Config
Signatures
-
Detects win.formbook. 1 IoCs
5.
resource yara_rule sample win_formbook_auto -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 888_dump
Files
-
888_dump.exe windows:6 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 194KB - Virtual size: 196KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ