formbook | JaffaCakes118_46f307e9820e5ce71371d5a7b119d3e4847bc745650d76aafa53466c95b13e62

General

Target

JaffaCakes118_46f307e9820e5ce71371d5a7b119d3e4847bc745650d76aafa53466c95b13e62
Size

188KB
MD5

efd914c1aa156cc2fa8945ca0040faa4
SHA1

50614f2c3b04ec36e0373f91919027d9ea03f1d0
SHA256

46f307e9820e5ce71371d5a7b119d3e4847bc745650d76aafa53466c95b13e62
SHA512

de0d8cd4175bec10c2b29923f3c48e6832201de8a8d5f5a1cec23d62fd43b1187b1bccfe8fcbc777afc35a241268fb1b0d33f55b6c4e53681cafaf130d2392f9
SSDEEP

3072:ZPdpGOL74XcYfbFtWD4i1G/RpUvZ21LHMIA1z/Z4vR0pbCf/+5tUtZIpphphVW:nHKJbFuc/LYs9MIA1zR4vRr/+5tIGpts

Score

10^/10

rat qtmt formbook

Malware Config

Extracted

Family

formbook

Campaign

qtmt

Decoy

tLb7wFo1Zl2NiXA=

dNmY9Q1KhjY/o5D8LXDR

+ucQSs+m3nzuPsVnjQ==

Hn8lBZJ76Z7+SsnjRnvf

IRs5aBFo437W1Wlu0hkvqzaD

oXegGlGpBLW/NxVp

HH0nUei92Yab7bBejw==

5JU3JtIcr0uIonO32Sl6dwgGrw==

3bRrSABLpCp/k09s0hkvqzaD

n/qnm0tzPExaZBtKzFR4yAE=

+8bUvHrXYf5Qgluiv1R4yAE=

ioOSx204Zw6Kn1n/P1blU+zrpQ==

AYMpWgVetqoAHQfwKf9m5RY5TVavKfNQ

m4Sj3nxy0s/2XShXWuodzx4=

UbFRQvjW74bdblqdmg==

JeWyHEuoyaLnSmU=

ku2TjUA2iiRy0cw7V2T0cKHXY/E=

Jn8qJMu05pXqPsVnjQ==

mImwJemw24CxPsVnjQ==

ovC3AqR9pFi7AQPs7nTGChVEcQYx

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_46f307e9820e5ce71371d5a7b119d3e4847bc745650d76aafa53466c95b13e62

Files

JaffaCakes118_46f307e9820e5ce71371d5a7b119d3e4847bc745650d76aafa53466c95b13e62
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 181KB - Virtual size: 180KB

.text
Size: 181KB - Virtual size: 180KB