formbook | JaffaCakes118_67a8b2ad678062b49559812f55237b9396e3fe89c64df435799326f10c41d463

General

Target

JaffaCakes118_67a8b2ad678062b49559812f55237b9396e3fe89c64df435799326f10c41d463
Size

188KB
MD5

1e0cef787b95d9b10e3e8352fff7414d
SHA1

d922d411e0f701426054d896985334b111ae06da
SHA256

67a8b2ad678062b49559812f55237b9396e3fe89c64df435799326f10c41d463
SHA512

e98b654b5431ad36ceae6cecca054c14415c24ccdd4f439a21b736570d59a62a73b7553956f60f7c273706543ad23567f9e3adfec2425c1845f4829f36b43aa2
SSDEEP

3072:EJKUrQJvlCYOANgW4rLmheVRFOiES2Td6pNYkApG945M1CsFlgS15sP4j:t7JNXN6ISRofPd6pNYkApB+Uyx1CP

Score

10^/10

rat tnrn formbook

Malware Config

Extracted

Family

formbook

Campaign

tnrn

Decoy

WUtb3QVzGGu1sCIG

1JbCaeCwFgFR

dIo2Tk2IABExTS28lJeQxQ==

3/XZPY7k2/dM

eomaUMuQOPmEDg==

0NS8hsTk2/dM

bq6+ChF4lkz1uWBZKg==

UoXtLR1lQ10UuRj3FzviTKYRreKt

y8pjrYJYbDFb

gqJ+x8033y2bFj/d6WUpFH3ela8=

CiI+1RlBfFtaIcLOadUpv0To7fSv

zgwXXodxl4BYA+V+ntM/

WbwaNGcBsf5f1PVQ7T4p1fg=

0M6w2/uJBQUMhyxEer+F73dZ

F9cnLRtRv+cx0fJJ3RaYSUYfiBzKp9CVxw==

2dy1FV7bWT4krlU4Wuu1yc7DltJSaA==

UzC/ImHqj7oMsyxHNZci

y1Sj7lH+5v/miDE=

aJShPYWr5v4QjfHfwVIDsVZR

QUokWlO8bZ/ukMAoHJOeVrunFQ==

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_67a8b2ad678062b49559812f55237b9396e3fe89c64df435799326f10c41d463

Files

JaffaCakes118_67a8b2ad678062b49559812f55237b9396e3fe89c64df435799326f10c41d463
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB