formbook | JaffaCakes118_ff2532439dbbd2d9d7f90c1429b8a7abf35cc142a74d4d71b34ec381cc98fe1c

General

Target

JaffaCakes118_ff2532439dbbd2d9d7f90c1429b8a7abf35cc142a74d4d71b34ec381cc98fe1c
Size

188KB
MD5

1bae385787dd3a803d3ee3c1bdef8499
SHA1

76c9b9923e8692a9c9a8b049df0a293fc64d9dc6
SHA256

ff2532439dbbd2d9d7f90c1429b8a7abf35cc142a74d4d71b34ec381cc98fe1c
SHA512

cb19c4d8a3b36baa4d17b85565abea180ed9dc41ee7ddadd7cb409a54ce65669b44782eba0c469d88730ebee3d2bb960c21d3185b95062879c5a8d817f48f1eb
SSDEEP

3072:IEIWa05Gm6AR0FtW3/i50ORBRriFvB3L6BES/YBLTl/Asdn1152inCKk:ILWT6K0FqDOfhMvFL6BEAYBLTlDPC

Score

10^/10

rat avcn formbook

Malware Config

Extracted

Family

formbook

Campaign

avcn

Decoy

iQqc+b5jHA+W

gCI4O82LSsNA9tLkneHk6qA=

3I2qv1ZVYff+1Eo=

1YmmfbWjsiHmYcYjSVTf

NBsHMXP19khOJt2KMTEHhw==

phGkJ+uyWGow/gNhAcfxpNU4GLuUgXFcOg==

76S4kOajAII72kw=

YuoJB0X0+/LJtxIjSVTf

dfwI3SsaGogqBAZ4xhUx4B2g+LiF8XoFNA==

DPZ6AvfogdqUiZUq5K+3Jqk=

hnICZyINthreqpPpaLz9gQ==

yVh1ZpxISCr6h8b+MA==

/8Tg3VE+R7A/Bte6oC7kz/g4mz8Ufa4=

Nb5SuHlc+kxwGO5Oig5THgechA==

/NLWvgr7IAXcxzuueX/s6wJXODEI

/niFcKdVbQHAqH2y

Gac4n4YyRhvRYuK6

RtRr4pSUsjjOu7qsuv9FFBTuiHQ=

u1p5bblp59M=

qmh/ZV4PTj/IiNezISd2YeWw

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_ff2532439dbbd2d9d7f90c1429b8a7abf35cc142a74d4d71b34ec381cc98fe1c

Files

JaffaCakes118_ff2532439dbbd2d9d7f90c1429b8a7abf35cc142a74d4d71b34ec381cc98fe1c
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 181KB - Virtual size: 180KB

.text
Size: 181KB - Virtual size: 180KB