formbook | JaffaCakes118_2cab0dda9d14f55f71779ed1735200ce624b525f2c8fded2027cb0b4998790fc

General

Target

JaffaCakes118_2cab0dda9d14f55f71779ed1735200ce624b525f2c8fded2027cb0b4998790fc
Size

172KB
MD5

6a4ecfbfd4042d64edf22b97c83a7864
SHA1

e2873fed986f4b04942f0ce7fdb3af572b283625
SHA256

2cab0dda9d14f55f71779ed1735200ce624b525f2c8fded2027cb0b4998790fc
SHA512

a52ed1c0e5157eda4251338d3f61eeb5b05357a6c27ce775ada8ac2484550d94cb63536bd779c27556d273711a90564c037d39c395fee117c88eb63137b74704
SSDEEP

3072:5woOks6MRkVi5/AqOfWolAmrz8p63Nwt2e02UYY9t4Cf9FTHCFGWgw:5wo9MRGiKqO9Amrz66et2e02UrN1NHCI

Score

10^/10

rat h96v formbook

Malware Config

Extracted

Family

formbook

Campaign

h96v

Decoy

EwxgE1pivQP6//NV

0dAX4C50bNv1eSQMIJi5LyHB

MeT76rbcPZc/yHnyH3y5LyHB

xLgAAfCooAj6//NV

TyNe4jJrUZ3GfXQ=

LSSBXyM/8F5RO80mPJTN

1dUXAcD2nqhHtQ==

zQpE/r0sY8j5

tZjyrh1ZHZkUxjernQ==

DbzRUxm1nqhHtQ==

fk9WTDLOsA76//NV

u3SEf3z4IqInrA==

mZjmpBQ89HIAxjernQ==

F+Iq1S5Muf/6//NV

n1luGnqM9RSED7wlW6a5LyHB

1c0OFw3BtT0wp087iolUJ84Lna7ZC5B8iA==

QAwY2iZwWt467O5fduJmY/mTkdIOKd4=

kEtWIOiEY/7o1Id4pPg=

ENPizKc5HY3UeD6h5l3A7kmXWQ==

3/Mw/pFqGZb5

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2cab0dda9d14f55f71779ed1735200ce624b525f2c8fded2027cb0b4998790fc

Files

JaffaCakes118_2cab0dda9d14f55f71779ed1735200ce624b525f2c8fded2027cb0b4998790fc
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 167KB - Virtual size: 167KB

.text
Size: 167KB - Virtual size: 167KB