formbook | JaffaCakes118_5665ff6db3e1f01295dd3688d1a51eb155cc0555873fb555f54d519d60d017ee

General

Target

JaffaCakes118_5665ff6db3e1f01295dd3688d1a51eb155cc0555873fb555f54d519d60d017ee
Size

188KB
MD5

7f8252978ee700e8342656c6ea79c456
SHA1

271d597cf0f9b53efc8e214f468ac47bd34ad5d7
SHA256

5665ff6db3e1f01295dd3688d1a51eb155cc0555873fb555f54d519d60d017ee
SHA512

bc84065e6cc5c0e6d076222fd28da9de99586127dac308e743dbc94ba61347362039b1b9a1d8b207c14163eceee16a15859d8f5b455c40cc96491f83eb7ad170
SSDEEP

3072:sxa2FHijfH0mg+N+xPDWACYDRBrdHx1Tt0z19MYA9x0FCGgn86cnplj5gJ18:sxa2UjzgxPPCwpHxRCp9MY2xICGuMnpg

Score

10^/10

rat qd0d formbook

Malware Config

Extracted

Family

formbook

Campaign

qd0d

Decoy

YL03z+EEjhf9M6NM2M2yv9v/5OfM7YA=

TJHw4l2kB6Q3H5Me

icjdkzWUV4bD41cAc5m0RpCWRIY=

Zp4Gt1acwDfVZWMb

QEjvrqMEdXkITXM=

FXxFS7fsfaiAjgfIRw==

DGrlh7IIRDjkkM606cM=

mea3wdAiqNu66d7QVHaUJyk=

mcwgoAEcFag3H5Me

xAYXO3BjyLzh8g+6OS5QHlKhin5u

i+JMzBxEVOcqPdiKtAV+tx+AHA==

bZzu9oiuOfBDW0PL+FUct9xoIijTScIL

+togOTKOU3VWepk7u6QW5iE=

tZaeSKis5vLHvc606cM=

WbLB7SJUisWu5M606cM=

rJOIDmRfM2JNkTUD89v6

1SobTN4zjMQPuWD+mDfStx+AHA==

EOJumfn8Yus0Fncmqss=

9wRwrucNrVyr1QfHCqQW5iE=

lA3o3RcNbZzvhaBLrTrpvGLIq96krQ==

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5665ff6db3e1f01295dd3688d1a51eb155cc0555873fb555f54d519d60d017ee

Files

JaffaCakes118_5665ff6db3e1f01295dd3688d1a51eb155cc0555873fb555f54d519d60d017ee
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 181KB - Virtual size: 180KB

.text
Size: 181KB - Virtual size: 180KB