formbook | JaffaCakes118_c6c5f8eb87c341b9afbe1fbba5f8d0dcaa04d5ce94f6da1fb2d1f9b5bee8e122

General

Target

JaffaCakes118_c6c5f8eb87c341b9afbe1fbba5f8d0dcaa04d5ce94f6da1fb2d1f9b5bee8e122
Size

188KB
MD5

7bc94253518c7c29b7efd7653d2984ab
SHA1

521e9b3a47b13081df8fb35a728f0409390a34e2
SHA256

c6c5f8eb87c341b9afbe1fbba5f8d0dcaa04d5ce94f6da1fb2d1f9b5bee8e122
SHA512

623ed6fa8fec09f0002e108cc4a90ce3e83e7c4823146ad9d0ba9f2b4a40910cebc356ad7d0d7ff8142193228ee18c2d66c4777235f4580b7fc03e7596b23166
SSDEEP

3072:bl9IRQq3SmEO64V1NgW97rxWxzNci1o3IylroWtECO+Zzmnks5JyBG+:blMQGMINHo5NNC3IkroWOQztGJyBG

Score

10^/10

rat txrd formbook

Malware Config

Extracted

Family

formbook

Campaign

txrd

Decoy

kHSN+xfb1Aqr+dNBUZcEL/0=

ec9vRsFPrVIaQMioVlYOLPU=

Y9Z0UwTFrd60l8QixkoUEQ==

t7jaPXUyZu4L5oE7xkoUEQ==

tP+ZeTMA72FEZQgE

i9BvR+ug35hwzzImMD8AQfs5Wxtr

qzzMP3ZUIcTghP7j7g==

W91vXNtagTEEY8iuJmQRNv8=

56GvkSClVU7krfa7Z8LW

kiS6LFYomzkD14RWNY0NP/g=

DVu1kCIqsEObVyQ=

vI2jPTHt8ui9Kw==

8NLsW4NXO628ltxhQ0cAMMA3iCx6

xoWRglALwub/1+eQQTI=

GWsO8at7vFhEZQgE

nRtiLPMt8ui9Kw==

DMrwVXhHCCJKMeOsXJcEL/0=

b0ZZN+y6obxTrL8cxQMsdWO65p6rjFY=

bGpz5dRiFQGVAhRxUZcEL/0=

aZJeS/DQW0ObVyQ=

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_c6c5f8eb87c341b9afbe1fbba5f8d0dcaa04d5ce94f6da1fb2d1f9b5bee8e122

Files

JaffaCakes118_c6c5f8eb87c341b9afbe1fbba5f8d0dcaa04d5ce94f6da1fb2d1f9b5bee8e122
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB