formbook | JaffaCakes118_ccc1352ed51c8601c77e8dba168aebbcd5d762f14d8b6f686ffcce3e22137fb4

General

Target

JaffaCakes118_ccc1352ed51c8601c77e8dba168aebbcd5d762f14d8b6f686ffcce3e22137fb4
Size

138KB
MD5

47e2f9ee5ea386c27a58e5120c6dd88f
SHA1

b85473199856f9d876bfaafc01b07e0d8c8b4a50
SHA256

ccc1352ed51c8601c77e8dba168aebbcd5d762f14d8b6f686ffcce3e22137fb4
SHA512

43da9e710e3f6c210c12e95cc3b357e28b0fea4f685a5009d0288b0565c9dcdf93c782fd38e7def1a67f108d6fc4e310d136939eae249b1de18eeb6b9e007e1b
SSDEEP

3072:6AvsiE2iuynrO+JU9rq0ktP1MGupSWE/FZk/:6AvXp6rg9rq0k8GupSb/zE

Score

10^/10

rat fs93 formbook

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fs93

Decoy

talesofterrorhaunt.com

adpir.com

federalexams.online

ontop88.one

sasquatchscreenprinting.com

thegoonstate.com

cuetik.com

334098.com

tronzolacero.xyz

fashion-therapy.co.uk

stationdjradio.com

28530wlakeviewcrt.info

hastingsreptiles.co.uk

iwabrisibolgamonica.my.id

propertymanagementsanjoseca.com

vrtic-zepce.com

jthme.com

nha-cai-v9bet.com

ikx2.com

yeslon.xyz

Signatures

Formbook family
formbook

Formbook payload 1 IoCs

rat

resource	yara_rule
static1/unpack001/375d1a9b98531aaaf0d05ad0c23f5ddca52ec2bbd4d2abeeeab58d03f8d8b630	formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/375d1a9b98531aaaf0d05ad0c23f5ddca52ec2bbd4d2abeeeab58d03f8d8b630

Files

JaffaCakes118_ccc1352ed51c8601c77e8dba168aebbcd5d762f14d8b6f686ffcce3e22137fb4
.zip
375d1a9b98531aaaf0d05ad0c23f5ddca52ec2bbd4d2abeeeab58d03f8d8b630
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 181KB - Virtual size: 180KB

.text
Size: 181KB - Virtual size: 180KB