formbook | JaffaCakes118_55bf19a2ceffdfb8dc5ed709a51037ea6a4a3d1582ee56ee5666ffd9ceed1759

General

Target

JaffaCakes118_55bf19a2ceffdfb8dc5ed709a51037ea6a4a3d1582ee56ee5666ffd9ceed1759
Size

188KB
MD5

1440d90fa4e7efa49d7aad0a99700242
SHA1

6b80d84d0e64e50e6f3da879f05cb75ebff9a20c
SHA256

55bf19a2ceffdfb8dc5ed709a51037ea6a4a3d1582ee56ee5666ffd9ceed1759
SHA512

82cc51c000fc3fb938b79e0ed8e1465843f811da78ffc444a6445197a25b96c73cf6cd29ac51988226cea23e550f6df02bd83b409248db563a43a15f1371bcf5
SSDEEP

3072:ayrVpyYEe7wAwRArHAWhNr7fjnPry4tc06mOvAaPrZuU7VIIuL/DpBK7T4X:aKIYE11OHTNLPrByJmOvAODzuL/DpyMX

Score

10^/10

rat docv formbook

Malware Config

Extracted

Family

formbook

Campaign

docv

Decoy

U9joSV3jrRWaOFCKHlsP

BWItfadLRNElFi4n

IwwjhJWT8tzs4sQ=

7tvFIDbQqJsB8URT3RNGkHw0QXo=

ohLOMk4YxjHG

wjIBSnU4DBGp3GdYKmuj7hCEXOBwqzs=

a1qxDSU3hjufvj0bpfj3Uw==

XDxmge0LinYBHuU1BB9RlHw0QXo=

gHy8MUUvfjseUDH/laNRskjL4+2cpSo=

3l5awfWzfpndFbQgLGcH

fQQagL/xa+cEOBpiaroqcP7Y

ta//E0xm3pTAt2qKHlsP

pP25BCAYTnWdQthIEXHXVg==

RUBcttrfWDZ9lpnxt3A8TufQ

No5nx99vdhKVHHLdleEocH4=

pIWF4DJQ1eEOwkulerNvszfXpyrm

1jawFSSZXBRymxFLEXHXVg==

C2wAUJqBPs4kBFikbplAlCrTqy/s

6z/BJ3Ia48YuUz5+NTE8TufQ

rn97xOf1iIWrCZjj8A==

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_55bf19a2ceffdfb8dc5ed709a51037ea6a4a3d1582ee56ee5666ffd9ceed1759

Files

JaffaCakes118_55bf19a2ceffdfb8dc5ed709a51037ea6a4a3d1582ee56ee5666ffd9ceed1759
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB