formbook | 8b6be142c575a529f324fafa4ddee5d2871d8aa83bac03cfeaba4aaa87b00fdc

General

Target

8b6be142c575a529f324fafa4ddee5d2871d8aa83bac03cfeaba4aaa87b00fdc
Size

184KB
MD5

63d036d574e0eb90d9a193c0801ae939
SHA1

09bb1ca9258ba90202e9d3f5a2c019794d467e02
SHA256

8b6be142c575a529f324fafa4ddee5d2871d8aa83bac03cfeaba4aaa87b00fdc
SHA512

2f707cea67e7226ca774cef92e71312b8d039d25819cedb617eac9978e9d55f8fd4cb21114b660bc8401495aafd7e36a8596d81f5111b6ce631d9cfc216c4159
SSDEEP

3072:DbTt0OVkMlZXqJWYfz4AvwfLAWfVOFkL2UhQLSmp79lcBGocDXwZT:LCOv/q9f5yLHf4FQfhuBlcBGockZ

Score

10^/10

rat fbce formbook

Malware Config

Extracted

Family

formbook

Campaign

fbce

Decoy

Z4SlvN7wcIB/2gY=

FFxoAMtxrL9l7g==

mKvH23KL1Kkslrophi2XdTixtw==

ts/+Gjx4QSxh2v/2bgWSdTixtw==

1+wJH6lV4UJyjr7vbBg=

yR65207vjV/6Q6UHbA==

Y2Wer9IX36etHIQvahE=

m6bDwG4ZqmXdJmxfulNdSORn

9JCvDS+6rL9l7g==

h8BVhgCWF42kNWJ0kEEG

E4cgTU/1Dd/vUGxctFFdSORn

Sas/mUy2gu3J6w==

gXrJPNkWYT9+yAM0LxuSOA==

uwi39xAk3ausGIQvahE=

L9UlTdkVJI0sKFML

FRFTqk6M/uOMHTt+s4xkLw==

frH5Cqk6Ze7X7GBvzGRsUIa7/nAbM3l4+Q==

Woez0ZwtpgHbKUQrZUwMgDI=

ODtHQ3o5PY0sKFML

lrHa5P2LmHI5d5QRLxuSOA==

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b6be142c575a529f324fafa4ddee5d2871d8aa83bac03cfeaba4aaa87b00fdc

Files

8b6be142c575a529f324fafa4ddee5d2871d8aa83bac03cfeaba4aaa87b00fdc
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 179KB

.text
Size: 180KB - Virtual size: 179KB