General

  • Target

    JaffaCakes118_e03b835ece081e5fd61b802fcb52c934675d9b21d21f0eb6cc83e872c7eefada

  • Size

    188KB

  • MD5

    d4e80bae9acbe384555202ec7ecdb790

  • SHA1

    607d7f97589392434fd50bdffe08cd3437f64283

  • SHA256

    e03b835ece081e5fd61b802fcb52c934675d9b21d21f0eb6cc83e872c7eefada

  • SHA512

    c6e3a496d2764ce9fe20757e01683c9c06094e0e7c621a8b910069b4a7a857b9885c7d08efe75e7783ee5edde79585b438a58316c94a76152ac73d7ef2968bad

  • SSDEEP

    3072:WvmXokrEuuhoA4cEfUYQwlJaEJUobP8W04Dhvj3SKMis3:Euvc+IwjaEJUQPr04drSKMiY

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dy47

Decoy


Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_e03b835ece081e5fd61b802fcb52c934675d9b21d21f0eb6cc83e872c7eefada
    .exe windows:5 windows x86 arch:x86

