formbook | JaffaCakes118_3e04ca2db60c5c2489735925133d35dda6fa2a1d49806ef99bcc6a16a84e646d

General

Target

JaffaCakes118_3e04ca2db60c5c2489735925133d35dda6fa2a1d49806ef99bcc6a16a84e646d
Size

188KB
MD5

33a2ba0d880aa675fc4d684023deb06b
SHA1

27cccd6ef37758ab7423b6300c2f562dba7aae14
SHA256

3e04ca2db60c5c2489735925133d35dda6fa2a1d49806ef99bcc6a16a84e646d
SHA512

9239d54f66bc61305f9662deea59dda247c2e03892b4b4b5ddea5082b9b4a47cd8bb80580e8dc6764f49cc8a7db25cb001e9b11f148bb65e63f3a052d61072a2
SSDEEP

3072:lN4E4ksrntDseMjrs6sWjUaYViXnX6VLd3dUYzSoE4BEV51O4LJZ27d:HUpp6BUk3X0B3dUYzZrz41Z2

Score

10^/10

rat aoj8 formbook

Malware Config

Extracted

Family

formbook

Campaign

aoj8

Decoy

ENTLx4lFGERVS9s=

rEA3IFQK5Dnyb8Xv

mBf53kjnt+/tHjbDz/bbMMQk0a4=

kmA7ItiWZ7qj2K8vMg==

bWbMk9SJaXV1Md5wtiua7i8uUQ==

cTWJZ5h7GYUB

B+OydinPo5vw40Sp+nI=

N9BHHJp7WJP/40Sp+nI=

RT6c8Dr65UHyb8Xv

vXmVd497GYUB

3WdLM65d/IWPtQ==

1Ip3U8N+Xndu2K8vMg==

LtW0iwe7j7Gh2gGL2+R7iw==

3LguLF0Hzx2ZVACf2+R7iw==

N6aWcrJkODQEENyu73A=

0FTVnBXGm77q/LP4

PRoECAfCotQx44gPY8whlggiTA==

ZtxTLtRpPjm67imhtxWm7i8uUQ==

NjAk6GES5xT2F0XH0+K6ccQk0a4=

sVvFX26P/IWPtQ==

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3e04ca2db60c5c2489735925133d35dda6fa2a1d49806ef99bcc6a16a84e646d

Files

JaffaCakes118_3e04ca2db60c5c2489735925133d35dda6fa2a1d49806ef99bcc6a16a84e646d
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB