General

  • Target

    JaffaCakes118_7d877e22760cd0d62fe99aba3e776f1043bba8e4dd41296e6bfdf8aecbec6050

  • Size

    188KB

  • MD5

    2ec41f645439f23b43ef0dfbcc486c34

  • SHA1

    91a98bff5fef6f5e558a4c9a017b36f0bb50a6fd

  • SHA256

    7d877e22760cd0d62fe99aba3e776f1043bba8e4dd41296e6bfdf8aecbec6050

  • SHA512

    141464b65f1d870e2fad8eefebc99a78e79a6ae72f7ee0944d5c3710bcfe24e9ed9e1b505869d730cb834428d9f6689a668f344182e72bae5052ef3d5173b681

  • SSDEEP

    3072:e1djE3PFNrjy35gSqqOb267SzxIzMf5PySprwo+RJTdu:Hrk53qO67SzxIAf5KSSJ

Score
10/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

d17y

Decoy

Signatures

  • Formbook family
  • Formbook payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_7d877e22760cd0d62fe99aba3e776f1043bba8e4dd41296e6bfdf8aecbec6050
    .exe windows:5 windows x86 arch:x86

