General

  • Target

    JaffaCakes118_43ef77621f975d40809f4e246e568da0aa5a51e7241c9d96cb6ac7da924f5e1f

  • Size

    188KB

  • MD5

    db9c1ae6b57c630a7e803578828ea0c6

  • SHA1

    d2759ff79fcfd420e95b4942e57a3a1b5d5d1518

  • SHA256

    43ef77621f975d40809f4e246e568da0aa5a51e7241c9d96cb6ac7da924f5e1f

  • SHA512

    4ba98980698ad0d4397350cecb6676184b6652bbe48a8124060ad22b91bb151c93add5f009e92016c1158b69edfe66e2e6057abad8718afca0bf43c5ad05b246

  • SSDEEP

    3072:oOc1ojkuKRBJO83eapiDgrQhUW1hHkD/Ay5In074SEfLUbGHk:ohkPye+ogrQhUChEDl5In0ifKGHk

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

o18j

Decoy

qfnft.xyz

ninjshib.com

884uc.com

edisonsbar.com

leopardbuffalo.com

yifansw.com

suncoastcreditsunion.com

solidity.codes

thrapyappointment.com

cloi.xyz

wwcsv.com

berdayabersama.com

mirrorlesscamerareview.com

alphathomas.com

doulapsychomot.com

singmos.online

earthfrequencygoddess.com

any-shirt.com

tylersdayoff.com

gs4te44sh.com

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_43ef77621f975d40809f4e246e568da0aa5a51e7241c9d96cb6ac7da924f5e1f
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections