MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1b3a9b2b91e235e345e7ed4e944e219133eed160548fb27594e9493ad71785a6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 1b3a9b2b91e235e345e7ed4e944e219133eed160548fb27594e9493ad71785a6
SHA3-384 hash: 5bddf3744d8c5922c96fcc83c9838c65dee18286c373991b9d623325bc7cbe9e6bd7f3167a16f69d571f095e69b38921
SHA1 hash: 0e942d0f6d73fa9c986e57cc0cbcfc9d3d6df538
MD5 hash: 609f7f62c1c1ed29c375f7f3a9cf272e
humanhash: don-johnny-kentucky-victor
File name: ashleyx.exe
Signature: Formbook
File size: 672'768 bytes
First seen: 2020-06-30 06:01:35 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 4efaaf21b12695f01a3026d85b9437a9
ssdeep: 12288:dEWYuBQgNo1MTuOxYL1ITsHwDUyt3ERZk8bIy243J6VoYVCZDB:mtIouYueWd3ERpbI23AVo
TLSH: A7E4BF22F2E07832C062167D9C3BD6785A25BD5139585A472FF4FD0CAF39E8139262B7
Reporter: @Jouliok
Tags: exe FormBook

Intelligence


Mail intelligence: No data
# of uploads: 1
# of downloads: 29
Origin country: GB
CAPE Sandbox:
  Detection: Formbook
  Link: https://www.capesandbox.com/analysis/16790/
ClamAV:
  SecuriteInfo.com.Win32.Injector.EMHU.4343.UNOFFICIAL
  Win.Dropper.LokiBot-8264786-0
  PUA.Win.Adware.Slugin-6803969-0
  PUA.Win.Adware.Slugin-6840354-0
CERT.PL MWDB:
  Detection: formbook
  Link: https://mwdb.cert.pl/sample/1b3a9b2b91e235e345e7ed4e944e219133eed160548fb27594e9493ad71785a6/
ReversingLabs:
  Status: Malicious
  Threat name: Win32.Trojan.Injector
  First seen: 2020-06-26 12:41:58 UTC
  AV detection: 28 of 31 (90.32%)
  Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage:
  Score: 7/10
  Malware Family: n/a
  Link: https://tria.ge/reports/200630-9c31agcjca/
  Tags: evasion trojan
VirusTotal: Virustotal results 69.86%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Formbook

Executable exe 1b3a9b2b91e235e345e7ed4e944e219133eed160548fb27594e9493ad71785a6

(this sample)

  
Delivery method: Distributed via web download
