General

  • Target

    JaffaCakes118_44f0fe09ea51c861fb4350a885e515d296f5483c7d4943a209d33a4fe02f9fcf

  • Size

    188KB

  • MD5

    c776ad4c97e62550d80be896a26c4b5e

  • SHA1

    d6bc4127bf67360604e77744f2ecba83e066242f

  • SHA256

    44f0fe09ea51c861fb4350a885e515d296f5483c7d4943a209d33a4fe02f9fcf

  • SHA512

    7ff36d8ffc0797efb460942131d3d980e76333c021d54e4ae150bfd0dabf5eac6a0deaf0c7ddf39f1cebd9c2fa4d8fce0a5de2ba48e8cea7ddd0ad89b36093c8

  • SSDEEP

    3072:/R78km0VlDzN3k/qXTrd2YUhPBAlxj0O3C7Un4jjl+xb0Pg:muBkSDrd2YUhPLWC7Ual+xN

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

g09e

Decoy


Signatures

  • Formbook family
  • Formbook payload (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_44f0fe09ea51c861fb4350a885e515d296f5483c7d4943a209d33a4fe02f9fcf
    .exe windows:5 windows x86 arch:x86