General

  • Target

    JaffaCakes118_ead32e37f50f2286b999f7b69439f4703027a50a92c0374977ddf0d8ba005973

  • Size

    188KB

  • MD5

    04ecab4dae42f8db8a8336f79a820c00

  • SHA1

    0bd4f9214bc5a49ba47384b105b5829db11b1171

  • SHA256

    ead32e37f50f2286b999f7b69439f4703027a50a92c0374977ddf0d8ba005973

  • SHA512

    e3c1286317a09f608c502ade7e0ade0dc7e4476509c5fd777af342769c4fcd8a423f34d542835773e770433d0b32aa9676e15bfe806cbd57605836aaa2428144

  • SSDEEP

    3072:Xh4eHi0WR9VdNj1NWIt+cyFLI+H07ecBY9efloRBNjvNDu1y4i+SPSo3vo:Xh4TLldl1FQVXHjcu2loRBNbYKP3f

Score
10/10

Malware Config

Extracted

Family

formbook

Campaign

wnoa

Decoy


Signatures

  • Formbook family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_ead32e37f50f2286b999f7b69439f4703027a50a92c0374977ddf0d8ba005973
    .exe windows:6 windows x86 arch:x86

