MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a06d2e1f81c746b5c7751e96ab655602b97a89aa58f089cbc4f3a9fe3690d3fe. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


FormBook


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a06d2e1f81c746b5c7751e96ab655602b97a89aa58f089cbc4f3a9fe3690d3fe
SHA3-384 hash: 0ab6723aa1e12d936caf71d3120227e2753875288080035607ebbe960744826694f937aa4e51231ca3aae52c97280d0a
SHA1 hash: 9ed3f169c13c4467e96cec0693784d1e961cb03e
MD5 hash: 75183008da23617c64b2db5ec7d7b6b5
humanhash: floor-nuts-artist-venus
File name:BL PL.img
Download: download sample
Signature FormBook
Create hunting rule
File size:634'880 bytes
First seen:2020-07-29 14:33:03 UTC
Last seen:Never
File type: img
MIME type:application/x-iso9660-image
ssdeep 12288:7qPOI5mmM+NLtySTgZrJNWK/AZXSjdFkwl3I1EIR:7qZmmJLtyu+vARykwl5I
TLSH 13D4CF3CB6D4C510DBBE563AE1F90A50CBFFA1959477C3192A58A26B1DF33A2E10027D
Reporter abuse_ch
Tags:FormBook img


Avatar
abuse_ch
Malspam distributing FormBook:

HELO: wisxel.com
Sending IP: 5.206.227.51
From: Jessica <g.zimanowski@t-online.de>
Subject: Fw:Re:Re:Re:RE: PO-17000542 Container shipment
Attachment: BL PL.img (contains "BL PL.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
75
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Generic.mg.4cc9a0255352e041.13678.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a06d2e1f81c746b5c7751e96ab655602b97a89aa58f089cbc4f3a9fe3690d3fe/
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=ubws4h4by5dllr3vd2lkwzkwak4xvcnkldyits6e6ou74nuq2p7a._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/a06d2e1f81c746b5c7751e96ab655602b97a89aa58f089cbc4f3a9fe3690d3fe

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

FormBook

img a06d2e1f81c746b5c7751e96ab655602b97a89aa58f089cbc4f3a9fe3690d3fe

(this sample)

FormBook

Executable exe 718524efef50f9e043f3db594db14aa1f5e3fba213539b5b219638d089937afe

  
Dropping
MD5 4cc9a0255352e0410c74eeeb1c64ba67
  
Dropping
FormBook
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 718524efef50f9e043f3db594db14aa1f5e3fba213539b5b219638d089937afe

Comments