formbook | JaffaCakes118_e1f7c1d98ab2515f1819d0e5c3b85000f3ad22139a8533ee21d12224861cbd5e

General

Target

JaffaCakes118_e1f7c1d98ab2515f1819d0e5c3b85000f3ad22139a8533ee21d12224861cbd5e
Size

184KB
MD5

49ccc20ea91c4e8a67a3b7220cb44fcf
SHA1

10e0c188c325d93123f56442907ca4005898d7b6
SHA256

e1f7c1d98ab2515f1819d0e5c3b85000f3ad22139a8533ee21d12224861cbd5e
SHA512

a36b0db54f3ac7392af17a024b355fff1bb2d0fdd8713ec7ec3731ab33ff12bba161b91f2ed318701b962e37f60e24a5e6e14b621ec23a41286bcfaa9bcbce7f
SSDEEP

3072:fz+bfO4kekyGyqJWz1v4rE8pb8RNlYYdgW2WNcLZy1VhVJBCN:fzAvMYqa1tEbYNKYKW2WNcLwRVa

Score

10^/10

rat obc0 formbook

Malware Config

Extracted

Family

formbook

Campaign

obc0

Decoy

YKHh7eUhROv8lTGf

dYXUMOf5gx1jQBHOF/m9Dmpi

eZzfF9Xj/ApgPRz1WVZbdrhDxNHd

/CZtjo/dEY810dc=

QGF5fU1dYe78lTGf

NeEQYrEptEgdPtiuGZteig==

j6SvoVt1t+dhSRGh4Kmz2O2W9DM=

W3mZopDcai7+cPWH

1OUbGYv+vlQu

Jl2swZGhJLqN4+vQ5LSunw==

bqMWPz1/jUpqFyIIYeB4

Q3X+UlDWr2o3

k7TCq1dWXyF757M7gSPxSaSJdjw=

TZvs76Sgo0uN8sdm0MxisII=

LTl+vXOFBKykGeDhIaU=

u8AxezBztR1XrnskfzoTKMekisa5uVvb

JWd5cU+fsthc+fKZ7g==

4PUC75+lJrKPZP2h8w==

ygIMTs0fHtE=

1BVrjH3HU3q7HODhIaU=

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e1f7c1d98ab2515f1819d0e5c3b85000f3ad22139a8533ee21d12224861cbd5e

Files

JaffaCakes118_e1f7c1d98ab2515f1819d0e5c3b85000f3ad22139a8533ee21d12224861cbd5e
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 179KB

.text
Size: 180KB - Virtual size: 179KB