formbook | JaffaCakes118_7da8c3c2e73c8202d979626c469c4939b4c28735a5b2bc470f7852cddd038817

General

Target

JaffaCakes118_7da8c3c2e73c8202d979626c469c4939b4c28735a5b2bc470f7852cddd038817
Size

188KB
MD5

1d5f16c00d2f37acef390adb5e484f37
SHA1

aa082bac49a68fc841f9dfe1a520ed65c5e8d0ba
SHA256

7da8c3c2e73c8202d979626c469c4939b4c28735a5b2bc470f7852cddd038817
SHA512

ab695bf4bf8f63cd43842ca3686fd19488da7c2c7461746d9fb71bbb9f4be648cd009c3ab72f33e6bc9d87ffc3a2c1a991f5eafdaad2b7aa152ca313c2861084
SSDEEP

3072:rUBbOPHPvU1l96P4qJWATe4kwVf6+leuV1PPht/xuCJuXanyBZkkkT:rUE/Pv8FqhT7l6Wea1PPht/IauKnyBm

Score

10^/10

rat ujno formbook

Malware Config

Extracted

Family

formbook

Campaign

ujno

Decoy

8TLzgndL6n0W7VRu

Ur4vahO/XrqJ84erHA==

gWrWOGkVQkEWIZpyQzXS

Z7fsJtQUcqZ5

H3ju+UYOtRzYezQ/1L0=

JGJaKScIpBXFBE0=

3igPiRGPygfYUm3NmbU=

QX1b25U+dHY9yD15lKxUwQ==

GXh5Kd96Cl4wDIJkPC3K0tDmqw==

crqjL8BSPGVefQ==

wfttowVyqOrMUm3NmbU=

0kGXgp8qWopeFo+/WIpy3HU=

duBRgMK/6r1Z1kc=

402JlKOAGEY7bmDzgyOPZfsutg==

LWzB4CDeLrCI4kI=

6UUdpzLm0RH6ZQ==

LXhM0pM2jVW//mRz

sgkRya9wW3xk

XLMxT3X1CSC16MNA3ZTa

9kbM/0D1LiwVaGwF6Fui1g==

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7da8c3c2e73c8202d979626c469c4939b4c28735a5b2bc470f7852cddd038817

Files

JaffaCakes118_7da8c3c2e73c8202d979626c469c4939b4c28735a5b2bc470f7852cddd038817
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 180KB - Virtual size: 180KB

.text
Size: 180KB - Virtual size: 180KB