formbook | f20508cd9c7862a7260004c195cb9aff4d25f8d2c7238378508205a5d9e364acN[.]exe

General

Target

f20508cd9c7862a7260004c195cb9aff4d25f8d2c7238378508205a5d9e364acN.exe
Size

180KB
MD5

3353a46747397336a60dcc8c4d4fdc50
SHA1

22dcd9c63a98d950136a807d7eca9b915cf7abd9
SHA256

f20508cd9c7862a7260004c195cb9aff4d25f8d2c7238378508205a5d9e364ac
SHA512

80b0895dda4ea8d72790cd8c943dcaa415131ec9dc47577a0a3ec19b42600fee05bb57ca575e9bb229710431df7fea2b5da8bfce56c5a0035bdd7fd29f43472d
SSDEEP

3072:ao1EpA/DoswCiJ9CMWFXz99h9b6Ays+pmlxkwUoHbqDQdfUdKBBnsPwl:pIMDRNeCbz9fkAL+pYxVeXdos4

Score

10^/10

rat g3wj formbook

Malware Config

Extracted

Family

formbook

Campaign

g3wj

Decoy

gmdo6LbbCgtX05Ax7gJvUxL5dGSBXj+D

XQ5XoWWrkBdTvVZR+ngw7QD+LA==

YtvlYTaakDgpZzZf1LJkUA==

Kr6nqwA5gBl27Q==

qGTAFnuNwaD+gS7HdIaNRhKC

i0Z+uoMKM8kAYTVJwmJJ5ZP4Ow==

EQb9fHQHgBl27Q==

iX4CGn+7xccaVk4BQA==

dmp/BoDGy2SUAb7rsSv25ImqrlM=

wm7HRiyNewY1qWKRxPY9tYwzlsWn

vi8cmGu0qz5o12XdDqtfMoMQNpwwlnM=

axZnfuRaewxSzo2w0w1k+RD7Jg==

hPvjXRhcWwwaVww783407QD+LA==

Uyb2OPGDwp/9aS3PkVXtyj0=

m1KlTy56djlY24gp1fA4nfAzlsWn

/3ooddpPl2NZh3bpmpni

RJpInoxHv6Gh7eDJdfw=

ZknVWjV7fU+wLsXD5/YlnoAzlsWn

8WJo7Gd3mpvC7KDJYaXSyCo=

mD8JXCdvxdU7J+eh

Signatures

Formbook family
formbook

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f20508cd9c7862a7260004c195cb9aff4d25f8d2c7238378508205a5d9e364acN.exe

Files

f20508cd9c7862a7260004c195cb9aff4d25f8d2c7238378508205a5d9e364acN.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 174KB - Virtual size: 174KB

.text
Size: 174KB - Virtual size: 174KB