General

  • Target

    JaffaCakes118_49ec41b8cf318b7f748261a3be9284be3028b39b699c55d3390c5152467b56af

  • Size

    369KB

  • MD5

    74755ed77aeb5c0db26411ae4c551d0d

  • SHA1

    7a44552bc0d84a9f9ae62976e67ba62b8488ec42

  • SHA256

    49ec41b8cf318b7f748261a3be9284be3028b39b699c55d3390c5152467b56af

  • SHA512

    807411bf60af906c3d2d9a95ce166aebeb765e606d88fb901cfaa48b5d9f1bca54121cac40cd6133746eb177084c009e5a599c3e80030eb0b2da20acee8baa6d

  • SSDEEP

    6144:hS9nLpafTIAI8hvYXQmmwS9nLpafTIAI8hvYXQmmk:knL4LI8heQmcnL4LI8heQm3

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

b47h

Decoy

whistleblow-now.com

14live-msa.one

yenitedarikciniz.xyz

marmargoods.com

full-funs.com

saoraigne.com

noemiaguesthouse.space

datatobe.community

sollight.net

wavestudios.pro

freeorama.com

fasinixiaoribenguizi032.com

mariajaq.com

hyper.vote

aedin.dev

docind.com

zhulinx.com

estairon.best

mlnphotography.art

1948ardithdr.com

Signatures

  • Formbook family
  • Formbook payload 1 IoCs

Files

  • JaffaCakes118_49ec41b8cf318b7f748261a3be9284be3028b39b699c55d3390c5152467b56af