formbook | JaffaCakes118_622636cd28a00652b9cc022fe528fef11ab7ed1f48c8cbe97cf02eae42112661

General

Target

JaffaCakes118_622636cd28a00652b9cc022fe528fef11ab7ed1f48c8cbe97cf02eae42112661
Size

188KB
MD5

7a8346864b77f7432efb4fa330162301
SHA1

929e7b0ac65e0db6d4cb6178c662ec4451cd4e82
SHA256

622636cd28a00652b9cc022fe528fef11ab7ed1f48c8cbe97cf02eae42112661
SHA512

f089f7f94702ab7705bbb187b3602dd8dfccf85392ed2524330ccf76faae2a80f0a4546848d3974124919626d0812ee92ac5e319a6536cf5bfd7889a9ec74cce
SSDEEP

3072:DnFGjm3EEuoElhTJW0XH4cxftmUtnfl3wEs2f9xs/31TzFvdEAkUwD:zIQofhTxXb1m+fRwX2f9xsxF1EwwD

Score

10^/10

rat wzic formbook

Malware Config

Extracted

Family

formbook

Campaign

wzic

Decoy

EF24Z5/12y4m4hI5

jLoHu8E+DnrM

yvj+8ztHCvfS2BuHVDg=

HXrRqNvfzbEriN/oHi8=

l+I+8fv4zC1Lwsflu7ke2K64cA==

P4z2vOX7mEaTTZ3LnhYy7GEuUP4=

Sm7yu+o0CidvaoQ=

34Dms9fTqBNa+VsBEkQmO3Y9s71dfpeK

uq6SgrrKtBxGPjXeCH8UuWg=

63I7jdIk/WyQgrMTMW1WWGA=

JV3VPdD3zS4m4hI5

PyUI6BwkBCdvaoQ=

OMwQJXOHZ1SmJaydwA==

S5LpruTt0MAm4hI5

qKzzNk5nQy6cJaydwA==

nAQ1yNNZyCdvaoQ=

+cw3bXyIVDeWWZqLdyi6zQ==

QecZjiC4YkOtWw==

akobDyI93xB9Rg==

FOM+cbML6Np47v5pKB4w92EuUP4=

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_622636cd28a00652b9cc022fe528fef11ab7ed1f48c8cbe97cf02eae42112661

Files

JaffaCakes118_622636cd28a00652b9cc022fe528fef11ab7ed1f48c8cbe97cf02eae42112661
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB