General

  • Target

    JaffaCakes118_00a12d9dcfcf6b9b66bb96e470be807b93746b0bae5bb0789b73914b82ef5bca

  • Size

    188KB

  • MD5

    e8ccd3f41c3f526062b9a50ef6c281a3

  • SHA1

    88fc29f023e878b7b18226da149d0bba074a0b43

  • SHA256

    00a12d9dcfcf6b9b66bb96e470be807b93746b0bae5bb0789b73914b82ef5bca

  • SHA512

    1e79f5ba7318bd730a94cfcfd7e5393d5788cfc6fad122cb3106f8f7925de87f8b3ed9cc3f235f209072bd2a3c0f14cf02fa9190e4ff925db663b35016b25410

  • SSDEEP

    3072:tVN2k57tVTr936R4wyQJb3YBfIkyI2rn3SWAHMaIwr9IV7:vXx6qwy6b3YBgI2rifHMa5U

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

a30t

Decoy

nietru.icu

saudiafc.com

8120567.com

grundrow.site

tsinversiones.com

sytgzx.com

hannoschoeck.online

cerdacapital.com

mastercard-tz.com

asupermarkt.store

carmobility.online

estudiocontablegrados.com

downtis.online

kingdomdefensesystems.net

mw.sbs

aiotrip.com

decentralcase.com

intentionallivingwithmeb.com

administratorlope.site

uc-un.com

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_00a12d9dcfcf6b9b66bb96e470be807b93746b0bae5bb0789b73914b82ef5bca
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections