General

  • Target

    JaffaCakes118_a374de1ea3e461af7d9b2e427248cf18d1b1651f4ef7f5e3d0f1876665f1ebaa

  • Size

    188KB

  • MD5

    43187c9c718059fb6b10c961ed03cda3

  • SHA1

    70aa2af96539da25d81a3d156fc21f17bc774a4b

  • SHA256

    a374de1ea3e461af7d9b2e427248cf18d1b1651f4ef7f5e3d0f1876665f1ebaa

  • SHA512

    c2ead5767f47cedbf25ff4dd46844b092612751f7b0879d20b6e56b7d20d9f017204ff88e88cdf817a0d91b2e1e8ff9f55536d4d263c8eccc23a05eaeffef9b2

  • SSDEEP

    3072:DT3kk3TmAuAMtO3XiaqsF6MaC6Nl9ekaPM8TyDzH9eV0i+mVWsFv:xTetoXdq+6MaC6j9enE8TIwanuF

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

e63z

Decoy

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_a374de1ea3e461af7d9b2e427248cf18d1b1651f4ef7f5e3d0f1876665f1ebaa
    .exe windows:5 windows x86 arch:x86

