formbook | JaffaCakes118_78a20b2c28bc87337cbde805fcc650ab27f846bb7d2b18ce4711aab2f66caff7

General

Target

JaffaCakes118_78a20b2c28bc87337cbde805fcc650ab27f846bb7d2b18ce4711aab2f66caff7
Size

188KB
MD5

7aebe0396156c18decf507c9190411f8
SHA1

ea3d7a90337622e575de596382aae1c6c9e90e8b
SHA256

78a20b2c28bc87337cbde805fcc650ab27f846bb7d2b18ce4711aab2f66caff7
SHA512

8025ae9a863856fb29200726a64005398915302a2d41e63cbeb28d6eedda7a811ffd2eb6fde49541ce7493502ec12ab1e07f8b5089ee8bf4c12b75ddf095f690
SSDEEP

3072:NkaZJkFG+TALYFtWhFyx/EP3Uuivk6269k6JvldG9OgaR9po3gcKRc9Dcn:OVFx80FE6E/te46TJvlI9MLxcKRwcn

Score

10^/10

rat 44hg formbook

Malware Config

Extracted

Family

formbook

Campaign

44hg

Decoy

FT1Ayq5vVMYW

zsWtwBlod/ZOylvkHKvXh/dYkhy1E3LsvA==

ARFJ7O/HpWs+RuPcIG3ZqiY=

gs+55kWOmN5ddRUdYB42EBArLbct

Q2GdGf+1NHRVW9RTMQ==

1RbJvxxqeOyK2Gnx

MXpikfFIYelTxuowNFeFNzHebw==

8xCIyxhXNb4T

A8NIerrPQPAc

pwEChnYcttWr0Tgv8VbGqSc=

Xb09P8f+DU80gKIbXK0Wyjw=

2v/gFHO2wD3RoyhW4nOWSMgs

/Tn4CmjiqjbCeQdfT1iIUxDaPXk=

HRoycewpN8pWqVPo

oqMjs7GxZWs1YsUTElG7XxkhuXIl

tAI8uaBmDuNDAr4Ojta3

Rn8/X+AzO81lJcUOjta3

q6ogEltWZ6ZyxeUeIEkz4oYYuL+kE3LsvA==

5/ELgnNK76w/Rc0EBgW3oCU=

R/zK/GhvJuU2Mro=

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_78a20b2c28bc87337cbde805fcc650ab27f846bb7d2b18ce4711aab2f66caff7

Files

JaffaCakes118_78a20b2c28bc87337cbde805fcc650ab27f846bb7d2b18ce4711aab2f66caff7
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 181KB - Virtual size: 180KB

.text
Size: 181KB - Virtual size: 180KB