General

  • Target

    JaffaCakes118_ec78adff775f3416abe7d8e7880509ae11f0b19fec88994ec66123d0b2378419

  • Size

    369KB

  • MD5

    12f0f20a4fc1aac8e7a005d1f941cb66

  • SHA1

    091bd5ce56a814e987a0d5969a60ead768666862

  • SHA256

    ec78adff775f3416abe7d8e7880509ae11f0b19fec88994ec66123d0b2378419

  • SHA512

    92052116cd31dd9bbcca363eb23f69dc21de5d1e089c84df75c809ffe4578544cd0ba6c7389aa643ded28a0c9c3a682e712f5eb4ce8860261b5ce1a3b059defb

  • SSDEEP

    6144:fvfKgYntKCjdrLY1GsKEPgQADkJvfKgYntKCjdrLY1GsKEPgQADkd:vKgS08LYo7bCKgS08LYo7bW

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

j17j

Decoy


Signatures

  • Formbook family
  • Formbook payload (1 IoCs)

Files

  • JaffaCakes118_ec78adff775f3416abe7d8e7880509ae11f0b19fec88994ec66123d0b2378419