MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 498fbde70a7375ef095b51ad4ad72798d26a2d28dd82e155e9afc31e95773bea. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SHA256 hash: 498fbde70a7375ef095b51ad4ad72798d26a2d28dd82e155e9afc31e95773bea
SHA3-384 hash: 49c456a62fedf9b80b8f03980c678068cd9b9729e51a37d8cc22e5d06b59a4c5434284fc12963f70e0615cdc3db6e2f4
SHA1 hash: 36caafbf428c6522b21324d69f797b821625abf3
MD5 hash: cf04b4d31d9d82275d0643e0068b1829
humanhash: magazine-mirror-green-oscar
File name: ashleyzx.exe
Signature: Formbook
File size: 783'360 bytes
First seen: 2020-06-30 06:03:37 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: a80cd992960ca4e7ba926088f846b1f3
ssdeep: 12288:3EQTcW9T920/5/6oPR0ht9hl9a05wJVfQLeQUbDxPR+F16Lli/E:0EcQ207R0R3FurYLeQqp+F1ul0
TLSH: B4F4AE36E2E14C33D127167C9D2F73789C3ABD107A28A9C67BE44C4C9E3A6453967293
Reporter: @Jouliok
Tags: exe FormBook

Mail intelligence: No data
# of uploads: 1
# of downloads: 28
Origin country: GB
CAPE Sandbox Detection: Formbook
ClamAV: Win.Dropper.Remcos-8328482-0
CERT.PL MWDB Detection: formbook
ReversingLabs: Status: Malicious
Threat name: Win32.Trojan.Injector
First seen: 2020-06-25 19:04:05 UTC
AV detection: 30 of 31 (96.77%)
Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage Score: 10/10
Malware Family: formbook
Tags: spyware evasion trojan stealer family:formbook persistence
VirusTotal: Virustotal results 61.11%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe: 498fbde70a7375ef095b51ad4ad72798d26a2d28dd82e155e9afc31e95773bea (this sample)

Delivery method: Distributed via web download