General

  • Target

    JaffaCakes118_cbbeda46fc33d3b8876edd764cb1826326a9595abdcd760fe6a4db9f51bddd3e

  • Size

    188KB

  • MD5

    a06e2a1a051b396a79d8adfce03fe9d2

  • SHA1

    d6f95fdfee75687e15ed6a9d7d7b956c64db7bbd

  • SHA256

    cbbeda46fc33d3b8876edd764cb1826326a9595abdcd760fe6a4db9f51bddd3e

  • SHA512

    275e09b38b096e480908213043d0f5034a5b561f61a1cafed1c571e2ca391b435645af3218cd50584fc07b0b9e406ffc2611ace22e0ea58ec70ace87400a10f2

  • SSDEEP

    3072:E+6sUoWNyS9amj+d6ZXyKG2ZQq59hcJqny/SbxC9IwtHjk:PGamrAKG2ZQq59qJqKwgIwtD

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

r2y0

Decoy


Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_cbbeda46fc33d3b8876edd764cb1826326a9595abdcd760fe6a4db9f51bddd3e
    .exe windows:5 windows x86 arch:x86

