formbook | JaffaCakes118_6d3533f7a5fda7a915376943af99b40d2f71d12465aa2827d696c66146cc0528

General

Target

JaffaCakes118_6d3533f7a5fda7a915376943af99b40d2f71d12465aa2827d696c66146cc0528
Size

188KB
MD5

a26de7eb5556ea4f5c2351075f289b23
SHA1

cabe5cdad4bad462d3b455604752e2f9b246e808
SHA256

6d3533f7a5fda7a915376943af99b40d2f71d12465aa2827d696c66146cc0528
SHA512

703ee3f2c70f5725738e5b0b7a171795485467ec05fd681d30e33fb526e76579137fc0df6f549ae6118a25ca6860129bcc79fbf081524b6500131c094c75e4ca
SSDEEP

3072:UxGFVeJnWyzQNcWnhum0pW0JeYYaT++yKGhOazHvuu/AGm47PAQo81:OGFEWc030xfK+jWOaz2i7PAE

Score

10^/10

rat uird formbook

Malware Config

Extracted

Family

formbook

Campaign

uird

Decoy

TlcuHu8rSVHCl8dEhw==

Z8eO99AIVtoGxGRAkg==

PaaZdt5sWJ2Fx8ZDhw==

hP9PRiY6iQl8hKx4nm+T

l2vRshx/7Q==

R7p958H+ZVkAp2wniQ==

HgjKvYOuCbWyc00xkA==

06cBeEZ072pjITrvlzZj2A==

b3FCFO4WVxByYWgbAM3vdYQMpsLLI3A+

yRGHdDlo36DrpJkd+MP5PAaftw==

5duWi1d/86QXFSGhHvQdjJZYw9FQ

F+LNwJ7SG40M0n0c+sb5PAaftw==

YeGzMwcgjEEousZ/5sX4PAaftw==

ZNerCOcKVwH19rVRYsAvZUA=

whJrTyE/uWfEyISFjm0=

dVUnA9EKBAf6uGA=

wK6DX0p+x4M0yMM1

DZv65LbiQLMKD9TJlWuO

yrEahmGCuRsS5Bnddws5wQ==

GoVj2q7O5NfZ2g==

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6d3533f7a5fda7a915376943af99b40d2f71d12465aa2827d696c66146cc0528

Files

JaffaCakes118_6d3533f7a5fda7a915376943af99b40d2f71d12465aa2827d696c66146cc0528
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB