General

  • Target

    JaffaCakes118_ac5b8e0bfdd995e301f0946ab7de054c9ec82cd1cd6b52a85753671f52333991

  • Size

    135KB

  • MD5

    29217034fc648193f9de535e94fa3646

  • SHA1

    ff02fc64d224dc0fc00c0379bc53357a48df662a

  • SHA256

    ac5b8e0bfdd995e301f0946ab7de054c9ec82cd1cd6b52a85753671f52333991

  • SHA512

    2848b24dbe48806350ddad7e98e854c16f914786fc48a066224767012e18974686a4981b4e101ec716b86522ac496a95abed1e438999dcce763e0e3f38dbd6d3

  • SSDEEP

    3072:0C4dZgSGAmhhcQzrUVnCuHj/jNFuYAv/DCLWaxJ:0VdySNmhOQzr8nCk61+LWaxJ

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fdk

Decoy

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_ac5b8e0bfdd995e301f0946ab7de054c9ec82cd1cd6b52a85753671f52333991
    .zip
  • 1e1c0437239fb9e7f6f962a69a4b1652c11f3ca0f0e76d33ad42d20bf99f44c2
    .exe windows:5 windows x86 arch:x86

