MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 81c89c74bd3c21ddf71d0cf01ec2c104e0ec298e6d2c9430f6bb7ddd8e711d62. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Formbook
Vendor detections: 3
| SHA256 hash: | 81c89c74bd3c21ddf71d0cf01ec2c104e0ec298e6d2c9430f6bb7ddd8e711d62 |
|---|---|
| SHA3-384 hash: | c231021dba740ed7f10ed3998b8e6be732b5b3312c30eea6eeb7c43aa9e130f0395052df4eb7c8cdea8070f77273c476 |
| SHA1 hash: | cd347db00e02e886fbc676734bea02efaafe9937 |
| MD5 hash: | 3b07278f51d5120075a7f5aa240861d3 |
| humanhash: | tennis-avocado-foxtrot-july |
| File name: | New Order list.zip |
| Download: | download sample |
| Signature | Formbook |
| File size: | 290'566 bytes |
| First seen: | 2020-06-30 12:32:46 UTC |
| Last seen: | Never |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 6144:0M6cbPX61erKdL/puCN5Nc+b/TAk5DkHKo9W7kmmpD/yx/s5PTxDFTAU:n6cbPZWV/wJ+b/p5kqxQnpD/yxITbTAU |
| TLSH | DB5423B204BEEE679D670C5573C05D96C782BA0A44901B49D3BCAEF741BD369FB081AC |
| Reporter |  jarumlus |
Intelligence
File Origin
# of uploads :
1
# of downloads :
61
Origin country :
n/a
Vendor Threat Intelligence
Threat name:
ByteCode-MSIL.Backdoor.NanoCore
Status:
Malicious
First seen:
2020-06-30 12:34:07 UTC
AV detection:
24 of 48 (50.00%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.