General

  • Target

    JaffaCakes118_e22ba3c19a05e80f279ac0a6f376259092957d1fff02852967479efca24f5cef

  • Size

    188KB

  • MD5

    45e26babd2c1ed48b2189dbf2b1f1dfc

  • SHA1

    1919a36b3a29ffda19040bb0cc814f35f975ab49

  • SHA256

    e22ba3c19a05e80f279ac0a6f376259092957d1fff02852967479efca24f5cef

  • SHA512

    49639666efd542a15ceec7c658e15284a90c240087d1a75d2f8d339cf73c6612f9a6ae94a222366d6d2f501c8b25d61c13e4682ec301e4ce2eee7a284cdfac90

  • SSDEEP

    3072:u0YMAKkY0v/JdqdiE37zpuWOLSKz7rZNe4eyNi+G5Ju9vOWGn2YJkhE:Ic0DUiq7du3SKz7rZM4B3G5QcWGnx

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

g1z0

Decoy

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_e22ba3c19a05e80f279ac0a6f376259092957d1fff02852967479efca24f5cef
    .exe windows:5 windows x86 arch:x86

