General

  • Target

    JaffaCakes118_752ce508020dbc7043f01475d0a0d4aad8a76bc8d01b6984152c762787ff5964

  • Size

    188KB

  • MD5

    d85af29eccd38ee4bb580613f447aaed

  • SHA1

    7347a0086fa7d3b18a818f20582a56c589ad910a

  • SHA256

    752ce508020dbc7043f01475d0a0d4aad8a76bc8d01b6984152c762787ff5964

  • SHA512

    6f958279a27e52f09bfd948f58cd740562a2e3387fd805fe6d45cc11c7b214d7598ff63f2163cf25df2f46be8536b381ea5281ff2134165d7a21cb333de5992f

  • SSDEEP

    3072:RRZ0ka8gn1PLf39P/zgaLIVhHI2YMhJLQoHfaYBXPD/cayWmNd:mXRf9XNLIVhHI25BQAnX7/

Score
10/10

Malware Config

Extracted

Family: formbook

Version: 4.1

Campaign: b31b

Decoy

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_752ce508020dbc7043f01475d0a0d4aad8a76bc8d01b6984152c762787ff5964
    .exe windows:5 windows x86 arch:x86

