MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a358e0ac42cc7258d72ea98605bd22a1bbdc15e0f9421849956fcb7b08da34fa. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash: a358e0ac42cc7258d72ea98605bd22a1bbdc15e0f9421849956fcb7b08da34fa
SHA3-384 hash: ddeb4eca4d87212d91c1782d6cb7c7a4eb4789d55831c8aa4e0958d30692e5ee37a5d3ab6d717c440a56f4faad47fb54
SHA1 hash: 4ea38455f62ddb0d5931ffd83cdbca16c901f528
MD5 hash: 8e5698ccce5ff452c06b15dbf25479c4
humanhash: beer-victor-leopard-green
File name: REQUERIDA.zip
Signature: Formbook
File size: 383'369 bytes
First seen: 2020-07-31 11:07:49 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 6144:0nD4RWO9a8h609drVm+GESAT5RIaHjJfQjvcBuUBoGz+zU8JxBgvrw0ORuBTtO3b:I4WO6QdBaETmChnb87XkLO3sQ7
TLSH: CB842373E321FC81295B86C12DB6837ED75AFCAD8058D1589E89DA9CF0C38D369470AD
Reporter: @abuse_ch
Tags: Endurance, FormBook, zip


Twitter (@abuse_ch):
Malspam distributing Formbook:

HELO: 162-241-205-158.unifiedlayer.com
Sending IP: 162.241.205.167
From: Alejandro Lopez - PETROMINERA <Alejandro.Lopez@pmch.com.ar>
Reply-To: Alejandro Lopez - PETROMINERA <Alejandro.Lopez@techie.com>
Subject: RE: COTIZACIÓN REQUERIDA
Attachment: REQUERIDA.zip (contains "REQUERIDA.exe")

Intelligence

File Origin
# of uploads: 1
# of downloads: 34
Origin country: US

Mail intelligence
Geo location: Global
Volume: Low

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-07-31 11:09:06 UTC
AV detection: 20 of 48 (41.67%)

Threat level: 5/5
Threat name: Malicious File
Score: 0.71

File information

The table below shows additional information about this malware sample, such as its delivery method and external references.

Malspam
  Formbook
    zip a358e0ac42cc7258d72ea98605bd22a1bbdc15e0f9421849956fcb7b08da34fa (this sample)
      Dropping: Formbook

Delivery method: Distributed via e-mail attachment
