formbook | JaffaCakes118_717d8a801e84c67553f29c8aed04eed83b9228fd3cfcf6876b163743d9d70aba

General

Target

JaffaCakes118_717d8a801e84c67553f29c8aed04eed83b9228fd3cfcf6876b163743d9d70aba
Size

188KB
MD5

ee11453ab905ea43524a2b6a14775929
SHA1

5eafb29af50a41fd59feea656e3f69868ecc4055
SHA256

717d8a801e84c67553f29c8aed04eed83b9228fd3cfcf6876b163743d9d70aba
SHA512

961598cae3544c2d99c3bb5abc6b7d1726a74e1cce2ea18835344e52c11322a2fda93611736b7a2a7ea8b4ad3bfe5f24ea9c0477cab531a80e2917798c184693
SSDEEP

3072:uGqaG3wP02ODmcFg6sWIh4Pfu/0Vlj88vFlYtX+n0mDIKDa:uhwPCK6W0Y0fQ8dGKkk

Score

10^/10

rat jrhs formbook

Malware Config

Extracted

Family

formbook

Campaign

jrhs

Decoy

z9qKJKkDvAIuHLEHHio=

v1IF/uQs+IXRHKpFKIdBng==

ncLEsxCoZPhrTA4SJzBWU0p6+W0P6sfJ

TG+CLqgw/nJwe0o=

WfDZRO6ag88WdZjB9FNFQEOR

m6BQuIKK1h9L8LIp7g==

4HQ0hSu+hrv7YEhPuqisRz+M

KTzVMJNe0x9K8LIp7g==

L790yTz+7bSTLX0x8w==

7A771u7wQb48H7EHHio=

835fujOR9PN5Bfzl8U7xN8wQDQI=

iy76W9+ljFqliSXUoMvr9a2D0GBI/Rk=

NdibD6l/UWXKH0NdgI7UD3jeGhAF4EY30Q==

U/L6TqYQ4ilELwUugGd8gzE9qEgCmA==

b41sbHE/ncscKLEHHio=

5YVayEzN1ddh

2vSyPrSATknMXi2waD0=

Ot8FiWUt3xNv

UuzQGMvko6DRY0Bp

VmJSRknkiekloYd+PphF

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_717d8a801e84c67553f29c8aed04eed83b9228fd3cfcf6876b163743d9d70aba

Files

JaffaCakes118_717d8a801e84c67553f29c8aed04eed83b9228fd3cfcf6876b163743d9d70aba
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB