formbook | JaffaCakes118_175c1cfaa36d8cc04417e1b064ae1fb16fda3a298ba1683e1db63ab040b0dd86

General

Target

JaffaCakes118_175c1cfaa36d8cc04417e1b064ae1fb16fda3a298ba1683e1db63ab040b0dd86
Size

188KB
MD5

bb672968043f0eeddb8b82fd46f5f99c
SHA1

d3ee2f778a20a15aa716b421ff06f94718b2b6d6
SHA256

175c1cfaa36d8cc04417e1b064ae1fb16fda3a298ba1683e1db63ab040b0dd86
SHA512

7d9a7765952ce4889286d8809ca9ece12a0a6d14f445ff8450a0483472ebe497eb7ae3df4a382ed545ee437b95ab6863168199bf2e6f934b67e26333fa08b85c
SSDEEP

3072:2k40DalN++QaRFtWtbiJC5mHUU266SRN1WytBuITMocI9lLdIu1n2YS:hzwYsRFkZ5ED3FisAITMocIx

Score

10^/10

rat axe3 formbook

Malware Config

Extracted

Family

formbook

Campaign

axe3

Decoy

nV63ydJMXMf7memspIpnnVLl3Q==

uJ50rs5Y/80AqT79guHh

FcsTFQ1xekTgcal8G0P2ZTQ=

uLWWVJP++ID3dkoB8g==

YyoybGF5Fsa/UH8=

Tk4htwkBBfM5ZA==

QgJ8vN9f+uCdsD79guHh

wmjC9UuSBGyTrY5PAX9t1A==

Sw7JEwOKl576ndxw/A==

BOqs09Ikjej1BN98ZYtVfSi5xQ==

YA5cbH3/4wVAYg==

fRWIvatAXM3+t0X9guHh

FAbZXq/jFuaEq2YCwQh3b2oE

STL+RDTA652/tD/9guHh

zgLNcuX32aFB

WmgwW1UCJ/9Nc0ofkIhVyQ==

jiWgy9ckGh8G+3Q7Rl//NW9ZU7TU

JCoawiBkwAkeJOehkNXRCYnj3A==

WQDFZvang91P

zGrJ4CA2pAhR

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_175c1cfaa36d8cc04417e1b064ae1fb16fda3a298ba1683e1db63ab040b0dd86

Files

JaffaCakes118_175c1cfaa36d8cc04417e1b064ae1fb16fda3a298ba1683e1db63ab040b0dd86
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 181KB - Virtual size: 180KB

.text
Size: 181KB - Virtual size: 180KB