General

  • Target

    JaffaCakes118_7b6141f228606e4155907465743bed6eaae5d1b889ae2996d710fe1f4ef6857d

  • Size

    188KB

  • MD5

    a07db21ec6fdca5686ff6cf7c89b0bb2

  • SHA1

    70937e422d23b9bcbdfc5a2fd94ab9fcee47a388

  • SHA256

    7b6141f228606e4155907465743bed6eaae5d1b889ae2996d710fe1f4ef6857d

  • SHA512

    28d5db126fa291a976be5d8a6b77dc0e8dd8ebd881778e6b6164a0ab6e4904b74798a5f703e834dc9942c290fbaae7ba83c07fd7faf64b64a0465183e14b5d3d

  • SSDEEP

    3072:wxsVDEPnwAdy91a3tPTZJaL9gZdoPz9Qf4QNixi5tPh:w2mtictrXaL9gZypQf4QNL

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

s25m

Decoy

Signatures

  • Formbook family
  • Formbook payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_7b6141f228606e4155907465743bed6eaae5d1b889ae2996d710fe1f4ef6857d
    .exe windows:5 windows x86 arch:x86

