MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 498fbde70a7375ef095b51ad4ad72798d26a2d28dd82e155e9afc31e95773bea. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 498fbde70a7375ef095b51ad4ad72798d26a2d28dd82e155e9afc31e95773bea
SHA3-384 hash: 49c456a62fedf9b80b8f03980c678068cd9b9729e51a37d8cc22e5d06b59a4c5434284fc12963f70e0615cdc3db6e2f4
SHA1 hash: 36caafbf428c6522b21324d69f797b821625abf3
MD5 hash: cf04b4d31d9d82275d0643e0068b1829
humanhash: magazine-mirror-green-oscar
File name: ashleyzx.exe
Signature: Formbook
File size: 783'360 bytes
First seen: 2020-06-30 06:03:37 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: a80cd992960ca4e7ba926088f846b1f3
ssdeep: 12288:3EQTcW9T920/5/6oPR0ht9hl9a05wJVfQLeQUbDxPR+F16Lli/E:0EcQ207R0R3FurYLeQqp+F1ul0
TLSH: B4F4AE36E2E14C33D127167C9D2F73789C3ABD107A28A9C67BE44C4C9E3A6453967293
Reporter: @Jouliok
Tags: exe FormBook

Intelligence


Mail intelligence: No data
# of uploads: 1
# of downloads: 28
Origin country: GB
CAPE Sandbox
  Detection: Formbook
  Link: https://www.capesandbox.com/analysis/16793/
ClamAV
  Win.Dropper.Remcos-8328482-0
  PUA.Win.Adware.Slugin-6803969-0
  PUA.Win.Adware.Slugin-6840354-0
  SecuriteInfo.com.Variant.Zusy.307621.12684.6607.UNOFFICIAL
CERT.PL MWDB
  Detection: formbook
  Link: https://mwdb.cert.pl/sample/498fbde70a7375ef095b51ad4ad72798d26a2d28dd82e155e9afc31e95773bea/
ReversingLabs
  Status: Malicious
  Threat name: Win32.Trojan.Injector
  First seen: 2020-06-25 19:04:05 UTC
  AV detection: 30 of 31 (96.77%)
  Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage
  Score: 10/10
  Malware Family: formbook
  Link: https://tria.ge/reports/200630-ft2xjc7zpn/
  Tags: spyware evasion trojan stealer family:formbook persistence
VirusTotal: Virustotal results 61.11%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Formbook

Executable exe 498fbde70a7375ef095b51ad4ad72798d26a2d28dd82e155e9afc31e95773bea (this sample)

Delivery method: Distributed via web download
