General

  • Target

    JaffaCakes118_0106fee0bf0c6f31e41be66f45400012a70da5593e972db74215e39bc5a67dbf

  • Size

    188KB

  • MD5

    f137dc17362f38b92514988563980f82

  • SHA1

    8b97d4ceb911927d98b73abeea4afe4739682cdd

  • SHA256

    0106fee0bf0c6f31e41be66f45400012a70da5593e972db74215e39bc5a67dbf

  • SHA512

    55825443bf02a05ab93fab5f3649d01abfc3c85d1dd4819937ed6984baea0bd90fca631c838abfb7c80e3278febb5f3c7e5e904e1fd35915ed842d54f8ba6261

  • SSDEEP

    3072:DVT8E39JtMTc3uJOO2X7TILqgPAyd1DtmYcNkRF+pNNmF34Rd4xUn0wab81:dlaSu0/X7T4qgPAYQvN2wBhqxUnMb

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sy37

Decoy


Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_0106fee0bf0c6f31e41be66f45400012a70da5593e972db74215e39bc5a67dbf
    .exe windows:5 windows x86 arch:x86

