General

  • Target

    JaffaCakes118_e190acbcb49395fb6d0c5e827468ae680812fd204a18c240bdf312baee4c8df6

  • Size

    16.4MB

  • MD5

    1c21230bcd2c0f7e5228f1a6fab87d16

  • SHA1

    fc1dd7ee9e98c338e5e184eb2fee1ce28baef7d2

  • SHA256

    e190acbcb49395fb6d0c5e827468ae680812fd204a18c240bdf312baee4c8df6

  • SHA512

    6eafbbf88c08e073a002ece380906a0ea64b5a95b9001222318691f405f9c5095276ee7708a3bc9fa76209871d878fcd613916fad2d25413103c585f385410ee

  • SSDEEP

    3072:tfJfkUTCxyZuL30b4XReaSRkGw8SesVzWTiqqKe+oNMdFeOU:3ij0MXYaSyGezWTiP+Jw

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

b19w

Decoy


Signatures

  • Formbook family
  • Formbook payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_e190acbcb49395fb6d0c5e827468ae680812fd204a18c240bdf312baee4c8df6
    .exe windows:5 windows x86 arch:x86

