formbook | JaffaCakes118_c1e816af45d24fe02f2f844374a048554d42dd1847bd397cb9a6e544d0f80a3f

General

Target

JaffaCakes118_c1e816af45d24fe02f2f844374a048554d42dd1847bd397cb9a6e544d0f80a3f
Size

188KB
MD5

f8d50d73494163706c2fd45d6736f0bb
SHA1

dec01399223d1e980b828c633c1a1f886d6de363
SHA256

c1e816af45d24fe02f2f844374a048554d42dd1847bd397cb9a6e544d0f80a3f
SHA512

47327a53169dd830a278276c3839ab146ec7bddd0273893c27849946712dfb67ce30e168b579e8a6c5e8efaf40bc0abe521e265789ce43ab7cfef2e964253ec8
SSDEEP

3072:miop/br+IFC81euYtWlKi544mQ5kDE/lzQ8WlpYT1CfDUmEKValhhggky:mi2f+3UeuYQYvzSNQFfYT1CftEKIlh1

Score

10^/10

rat 8h9m formbook

Malware Config

Extracted

Family

formbook

Campaign

8h9m

Decoy

1mlTmspKx2v1tBk=

yIc4QeHIRDCOR+Jw1Ok=

H8t9mJXm6cGdYU06SRJfL3sSLA==

lAXKHDi6++LIhlEwKs+bWhMZ+L66nQ==

E6WKvzgn56BxKQHIJyzgBAF/rqd3991G

POOMBhRnJuTJ

jamOvN0WjnY=

SkSWCK+QG2v1tBk=

UO/pC56OWQfVlG83j5ePL3sSLA==

zZE+TtGyQ/VHCmpNpqjvtO+qOv0gK/xY

Qf2nzo6CKw0wULtN3u8=

aQXZ7xd65+B5qcGN5es=

pVcLOF283IPToRfbFwmBk+/HYa/XgWg=

/q6WucVnJuTJ

1q6TtFFOBOLzXuZ80eM=

deGLxFs25Mot+4FNkDRsYM4=

OSMfWPXclKD9TD0In3Yh0w==

a//mBgh1bElZOCPn7JQcaAXZ7q/XgWg=

jTcUGqB9bkvyvQ/7

B3hUcn7MyK7CtqeFrxQV3Q==

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_c1e816af45d24fe02f2f844374a048554d42dd1847bd397cb9a6e544d0f80a3f

Files

JaffaCakes118_c1e816af45d24fe02f2f844374a048554d42dd1847bd397cb9a6e544d0f80a3f
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 181KB - Virtual size: 180KB

.text
Size: 181KB - Virtual size: 180KB