MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 b30585778ccca8f448706eb3f508bf514cc329145a854d28bcbf1493d28af1a7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Formbook
Vendor detections: 3
| SHA256 hash: | b30585778ccca8f448706eb3f508bf514cc329145a854d28bcbf1493d28af1a7 |
|---|---|
| SHA3-384 hash: | 79b967586563c5f5c150e8bbb23eb1adacdec84901a32d88002c1d7e4b020a07b12a6a3e1c594608135023c8c509b38c |
| SHA1 hash: | a9f8b66ed4b1359a48d5e5783654a5a26ba15873 |
| MD5 hash: | c0bcd3d6da69e000ed025857aa24f87a |
| humanhash: | hamper-winner-arizona-mike |
| File name: | quote 6084.zip |
| Download: | download sample |
| Signature | Formbook |
| File size: | 576'782 bytes |
| First seen: | 2020-08-18 06:24:53 UTC |
| Last seen: | Never |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 12288:jp7XfrwAZymbkKK1pDQ2RzIWcq1vX0/OUiH5ymZbsx:FoAZdmjEAz25Q5yxx |
| TLSH | 58C42373065218EBC80B3EC27A6F92760B707525939E3BDDC14DCDFA905BA08610F3A6 |
| Reporter |  abuse_ch |
| Tags: | FormBook zip |
abuse_ch
Malspam distributing unidentified malware:From: Helen He <server@hinet.net>
Subject: Required Quote
Attachment: quote 6084.zip (contains "quote 6084.exe")
Intelligence
File Origin
# of uploads :
1
# of downloads :
62
Origin country :
n/a
Vendor Threat Intelligence
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Status:
Malicious
First seen:
2020-08-17 21:43:26 UTC
AV detection:
30 of 48 (62.50%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.