General

  • Target

    JaffaCakes118_3558b49b02104dc7b6d93ad24e37de0f00b51c70ebf850702083ad91a6364c45

  • Size

    188KB

  • MD5

    41ca53bf7044b1d5d837024952d7d80c

  • SHA1

    2938dbe850074b9b672dbf0b8abc76328361070a

  • SHA256

    3558b49b02104dc7b6d93ad24e37de0f00b51c70ebf850702083ad91a6364c45

  • SHA512

    233d76be167215553868386be6e3c1759a8eb7c08a4ef99bb5a7f437dee9ef8c555a3f3fc02f3cb6de403a6c19a245bdaf9399ec77ad971e1498d177d495d362

  • SSDEEP

    3072:pTB+F0wikjC3fOMppxTSRbjAbuGWolAFPoW2BKcBlzAxpuKXjkHtig:Xx2MprWZsbuGWoHznzASKTk7

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

gaou

Decoy


Signatures

  • Formbook family
  • Formbook payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_3558b49b02104dc7b6d93ad24e37de0f00b51c70ebf850702083ad91a6364c45
    .exe windows:5 windows x86 arch:x86

