General
-
Target
eb2234477c28ab454aaf114d38451756f596bca45dd95a6e20fd23561ed8f34f
-
Size
176KB
-
MD5
e4ba5a78fe4d2e776133e63a396b3d00
-
SHA1
dd63a730917ba8fc19f61b1e97dc065be7eb5d39
-
SHA256
eb2234477c28ab454aaf114d38451756f596bca45dd95a6e20fd23561ed8f34f
-
SHA512
e564e1bf2b5bcf0075b84a7a08ac48efa904bad71622319ac2c9d1c32e397a4704a76ae27e57ef7f39ad803bc1f23aa63b5098c9f09e3929b78f0af3b168711d
-
SSDEEP
3072:+bM/LqDvXCmMpRXWi/7bXsK0De2193EooeTyauZA04tI8RDQv6QH+X5K:+bTDPVMR97L30Jr3EooeTyauZA04txOe
Malware Config
Extracted
formbook
c0wb
lestoreadores.online
Signatures
-
Formbook family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eb2234477c28ab454aaf114d38451756f596bca45dd95a6e20fd23561ed8f34f
Files
-
eb2234477c28ab454aaf114d38451756f596bca45dd95a6e20fd23561ed8f34f.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ