General

  • Target

    JaffaCakes118_17d70df2c152dd66f863894406f79537ad415ee89007ca7c887de58cabe5eb7c

  • Size

    188KB

  • MD5

    015efd2647138f94e56086e87990fa1e

  • SHA1

    6d60c5078166408a32d11d38ab648ae414d0a319

  • SHA256

    17d70df2c152dd66f863894406f79537ad415ee89007ca7c887de58cabe5eb7c

  • SHA512

    4658419341a4b6b89681808510eb292a676a8f2936a80581ee6329a0808c5232f4ca660e4b37e59c42c93bc6834900e1fb478cc333e18780404d682e9096ef4e

  • SSDEEP

    3072:0I9LEU/TKT3eC32JWqk6IIlYVNsbU49nY9TxZiC:dt02856ImYPsvnY9TxZ

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

c0e5

Decoy

educao.pet

e-race.store

clitzhyper.com

webcheetahtech.online

akkarr.online

odevillage.fit

yaignav.site

191u.us

misionartv.store

leadingpastor.com

claudio-vega.store

9mck753.com

system-reminder.live

landsharesfg.net

lmcsf.top

mkstoreacesse.com

2023.domains

yb8.mobi

2q02f4fyxg7ybb18.digital

logtray.shop

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_17d70df2c152dd66f863894406f79537ad415ee89007ca7c887de58cabe5eb7c
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections