MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 b64040919a8c9500cae6c10c5d05fd697e17bcb79a730e754fc2f6381e8620be. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
FormBook
Vendor detections: 3
| SHA256 hash: | b64040919a8c9500cae6c10c5d05fd697e17bcb79a730e754fc2f6381e8620be |
|---|---|
| SHA3-384 hash: | 8dc26695450e9ada78d894fd971059a73d93f121f25472faa73c3eb7c337bb9dae05ebbd78d63906f174709acb4f8995 |
| SHA1 hash: | d1d901fa39a9d23d9ef3e431e367f37568fb74e7 |
| MD5 hash: | 6a1e13ee75c68d0a0f10aa275859463f |
| humanhash: | one-crazy-virginia-finch |
| File name: | MV TBN -Specification and PL-DOCX.gz |
| Download: | download sample |
| Signature | FormBook |
| File size: | 655'681 bytes |
| First seen: | 2020-05-07 10:55:07 UTC |
| Last seen: | Never |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 12288:aCv2HOJ8DIA6QoqgGeS7ZNACgBkLrcdZsjfLcpLoeWXgsLomSKEh/32md1fz:ay2Heq56VqQS7bACgBkncdZPpLMpL5Sd |
| TLSH | 50D423BEE20B6B4347EE18895C4E8277DC2A75B260D53F4B32A9B5282437F8DBD5444C |
| Reporter |  jarumlus |
| Tags: | FormBook |
Intelligence
File Origin
# of uploads :
1
# of downloads :
82
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
Win32.Trojan.Mbt
Status:
Malicious
First seen:
2020-05-07 11:35:47 UTC
File Type:
Binary (Archive)
Extracted files:
60
AV detection:
31 of 48 (64.58%)
Threat level:
2/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.