MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 15c4fa85cbc2c692575d38601a56e49a52a23d74a2dce110bf17beadf46672bb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 4 Yara Comments

SHA256 hash: 15c4fa85cbc2c692575d38601a56e49a52a23d74a2dce110bf17beadf46672bb
SHA3-384 hash: e6ee749b2a110cc097f29992b08bc6f1ebdc33218b5f7e381c3e8c3c7c0f6856de8d6336fd86a621a199f53089c6d5fa
SHA1 hash: 65254c5c5b67524cbc73d8e5f5755a24451f7fd5
MD5 hash: ce868e50711384f6932917ceab7b3349
humanhash: whiskey-hydrogen-early-timing
File name:mazx.exe
Download: download sample
Signature Formbook
File size:321'024 bytes
First seen:2020-06-30 06:09:09 UTC
Last seen:2020-06-30 07:01:06 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 6144:bLxOf7nV9DpJvJtLTqAY6r5/EAyXUrZgnGObVRgHqDVMO:bL+nzDvvJtLtYu5IUGhbVRgOMO
TLSH 9264E117767C9762E92DC3F40B24118053F7372A6222E248CD9B38DA6976FA18761F93
Reporter @Jouliok
Tags:exe FormBook


Mail intelligence
Trap location Impact
IT Italy Low
# of uploads 2
# of downloads 34
Origin country GB GB
CAPE Sandbox Detection:n/a
CERT.PL MWDB Detection:formbook
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Noon
First seen:2020-06-30 06:11:03 UTC
AV detection:24 of 30 (80.00%)
Threat level:   2/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   7/10
Malware Family:n/a
Tags:evasion trojan
VirusTotal:Virustotal results 19.44%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe 15c4fa85cbc2c692575d38601a56e49a52a23d74a2dce110bf17beadf46672bb

(this sample)

Delivery method
Distributed via web download