formbook | JaffaCakes118_88228cbfcafa8a4530d71080d67e6ffc3f061bf771dc9b9efba261f5102df3ff

General

Target

JaffaCakes118_88228cbfcafa8a4530d71080d67e6ffc3f061bf771dc9b9efba261f5102df3ff
Size

188KB
MD5

31631d4f6c4dd65638139053b8aac793
SHA1

ba225ab9efbe428fc020f8ec238ddea17bf45528
SHA256

88228cbfcafa8a4530d71080d67e6ffc3f061bf771dc9b9efba261f5102df3ff
SHA512

6d499ee5847a7448196c113de55f988a2b9d3e6099591cea7a0d29cd48005ee78a6734d96d29887dfdaf301e0e8e0555c3e5a54e57ee8de8ffaab607f3673820
SSDEEP

3072:HYeQy+whmt+sKY1pW7gmYWuey3jxZ8nuOU0ffS9cBJmToIu23hIbHTGc:HYvwhmEE16grJ3linuOU0HS9cBJUbIb7

Score

10^/10

rat bmqi formbook

Malware Config

Extracted

Family

formbook

Campaign

bmqi

Decoy

VPlS75AwBrpyUcHCnBXjMkwbb2vv4LMVgA==

VHGhBLtvL6chbBhj

NNzR/ZmdQnnuWYGLcKh6oqE=

wbOewm93TXYA9aC3JWkDXtFYQl9y95aYlg==

9xsydw2RqMMYrIrgszwH

5tXA8pcR0Xow8uH4bH8=

4AxJvnH3xOvkTg==

mhFLqkLjFjx8vizKNg==

T+lEvG0FHDuO/90eAHc=

nBFW1WqXPGDXSG+CE00nJm/1

R2VlmDa3gCu12Up6

sE1yynOcZ5gIZk/ytBam4fjRM0kAGg==

3wk9ozOVJV58PimwNQ==

tFVCbxwqwexjx8Ja1ijsETYNB0CIMO4=

4fo4xWCEV360BfKvc6h6oqE=

6RAqlz4Qwtp1

QkO6QubuG8h5dzJiRaU6ZoypKBU=

BaPSF87yu7aj8RPjiM5qiS2F2g==

RnWTrkPLUsx2YRQ65Hkfkt9ZseQi/OI=

QfBH34EfwDC12Up6

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_88228cbfcafa8a4530d71080d67e6ffc3f061bf771dc9b9efba261f5102df3ff

Files

JaffaCakes118_88228cbfcafa8a4530d71080d67e6ffc3f061bf771dc9b9efba261f5102df3ff
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB