Overview

overview

10

Static

static

10

JaffaCakes...41.exe

windows7-x64

1

JaffaCakes...41.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_cba0279a997bc9d61c0f8fd1c10ebb852f7d95be0bf0e127916cdd2d9ec45741

  • Size

    188KB

  • MD5

    be78831ba1ae62060bb9e299e6a4f478

  • SHA1

    a5ab58295de54a6fca69f364e347ddd890434cd4

  • SHA256

    cba0279a997bc9d61c0f8fd1c10ebb852f7d95be0bf0e127916cdd2d9ec45741

  • SHA512

    7f32cab04fa60f0526e3b1c22c19fb8287e6c3357bd2627b9539e72cdf9d675525ac86c81cd2c621d7d216f6292c7f8d0799237577acd57e599153bbd5799203

  • SSDEEP

    3072:Ne/AFiRDw5KmaqQJm567wua8DTevMiFG26te+uqaWdpo:c5RA2m54ha+TelGNSEf

Score
10/10
ratnorsformbook

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

nors

Decoy

blackness.media

troyswebsite.com

panieswol.club

mobileview.mobi

blackyuko.com

petstuff4less.com

danimart1991.com

blockchainminer.club

podcastserigrafia.com

eandbshops.com

gehalgouiene.com

joyvittale.icu

egointerior.com

kevomedical.com

ridelightsusa.com

7750122.com

rangers3.xyz

sohaibind.com

321dollar.com

dvakmedia.com

Signatures

  • Formbook family
    formbook
  • Formbook payload 1 IoCs
    rat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_cba0279a997bc9d61c0f8fd1c10ebb852f7d95be0bf0e127916cdd2d9ec45741
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections