General

  • Target

    JaffaCakes118_5d6759a92f0e82b834edb9c627f943332f91446e5e53bc9dd543e503e2673f1d

  • Size

    188KB

  • MD5

    17da133c935e31fa224d205866f54363

  • SHA1

    311af3dd056c4d572fd28827418d5a1b83090ee8

  • SHA256

    5d6759a92f0e82b834edb9c627f943332f91446e5e53bc9dd543e503e2673f1d

  • SHA512

    e89bed6425fac48e3fb84bca20cb0b99ca5659051e7f1607ddfd996c40bd3859a4f36a84a01aca4775dfdea50aeb12e4d2ac536bf7b0d73e3e97a5ae4dcf5479

  • SSDEEP

    3072:hH60Vk76fdrMC3Y72HpBLF7YCPZe7ZM9ha+sLfU+v6a2:rc10YyJBLF7YCPQFpfZv6F

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

oy04

Decoy

database-modeling.com

worldofthecoffee.com

kappou-aburaya.info

heplowi.online

zeroaccord.com

shenzhenzhongjitechnologyco.ltd

sennaextractors.com

volkischeurope.info

ipad16gbwifi.com

rosalindacleaningservice.info

master-kit3000.com

fitnesssaathi.store

play2learnpr.com

likesig.net

dtzay.icu

verf-auth-user.online

iansherren.com

xbjr.xyz

biyou-kennkou.com

betkolik301.com

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_5d6759a92f0e82b834edb9c627f943332f91446e5e53bc9dd543e503e2673f1d
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections