formbook | JaffaCakes118_7b9e88bba7598f0d565dbcbc34e6039ed3da00d007672f8e6ebfd0772ca4d7a3

General

Target

JaffaCakes118_7b9e88bba7598f0d565dbcbc34e6039ed3da00d007672f8e6ebfd0772ca4d7a3
Size

138KB
MD5

705f322afa2bf31d1047f29c3c4580d9
SHA1

e102951a19056e2dc5603d12f30a09ec805ae3dd
SHA256

7b9e88bba7598f0d565dbcbc34e6039ed3da00d007672f8e6ebfd0772ca4d7a3
SHA512

d339cbcd7e774366129dc581ee1a1f010aefe1f3dbb1405569c6a49dde18e73006afd251e6817f1673acfe0b3d4947953bdecb5b7ab2841bdc56ff06c6627ba2
SSDEEP

3072:eAvsiE2iuynrO+JU9rq0ktP1MGupSWE/FZkT:eAvXp6rg9rq0k8GupSb/z8

Score

10^/10

rat fs93 formbook

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fs93

Decoy

talesofterrorhaunt.com

adpir.com

federalexams.online

ontop88.one

sasquatchscreenprinting.com

thegoonstate.com

cuetik.com

334098.com

tronzolacero.xyz

fashion-therapy.co.uk

stationdjradio.com

28530wlakeviewcrt.info

hastingsreptiles.co.uk

iwabrisibolgamonica.my.id

propertymanagementsanjoseca.com

vrtic-zepce.com

jthme.com

nha-cai-v9bet.com

ikx2.com

yeslon.xyz

Signatures

Formbook family
formbook

Formbook payload 1 IoCs

rat

resource	yara_rule
static1/unpack001/375d1a9b98531aaaf0d05ad0c23f5ddca52ec2bbd4d2abeeeab58d03f8d8b630	formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/375d1a9b98531aaaf0d05ad0c23f5ddca52ec2bbd4d2abeeeab58d03f8d8b630

Files

JaffaCakes118_7b9e88bba7598f0d565dbcbc34e6039ed3da00d007672f8e6ebfd0772ca4d7a3
.zip
375d1a9b98531aaaf0d05ad0c23f5ddca52ec2bbd4d2abeeeab58d03f8d8b630
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 181KB - Virtual size: 180KB

.text
Size: 181KB - Virtual size: 180KB