MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c073bf8fe7bc6caeb74a2f35bdfb6a0852b0e9ffabb0e906ae339e173f040a9e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


FormBook


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c073bf8fe7bc6caeb74a2f35bdfb6a0852b0e9ffabb0e906ae339e173f040a9e
SHA3-384 hash: ce4fad71d8add568082393a46c9163b32c1f5a6a0010de17ee8c36d5b2c493213ec1ba9cfcb500c630d64060735a8b99
SHA1 hash: f7304be493f3f53512be781f3a0e2ef278ab9383
MD5 hash: 92eeb87ce7a9074140c2a82033ca9092
humanhash: bravo-seventeen-ack-robin
File name:Request list.zip
Download: download sample
Signature FormBook
Create hunting rule
File size:331'491 bytes
First seen:2020-05-01 09:04:59 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:U34BXiCBKb+hObXu48DexKtdtX7lzE3RqIhyzMZzLUPuKQ1nDQ1:U34BVKb3bXDW+KdeRqYZzwrh1
TLSH 67642314CEA5B73236EC10F9C6FBBB266543D96360D007B713E2B578F51A8EE2566380
Reporter cocaman
Tags:FormBook zip


Avatar
cocaman
Malicious email
From: Louise <info@wikiweblog.com>
Received: from wikiweblog.com (unknown [96.9.210.250])
Date: 01 May 2020 01:56:50 -0700
Subject: Rate Required for PO - 01-05-2020
Attachment: Request list.zip

Intelligence

File Origin
# of uploads :
1
# of downloads :
184
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.Siggen9.43686.847.15983.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-05-01 09:35:28 UTC
File Type:
Binary (Archive)
Extracted files:
7
AV detection:
21 of 31 (67.74%)
Threat level:
  2/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=ybz37d7hxrwk5n2kf423363kbbjlb2p7voyosbvogopbopyebkpa._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

FormBook

zip c073bf8fe7bc6caeb74a2f35bdfb6a0852b0e9ffabb0e906ae339e173f040a9e

(this sample)

FormBook

Executable exe 9b8a6fb8c7c1b4543c6076d63b4fadeeb78f2e2f87267f53728102ee7daab41c

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 9b8a6fb8c7c1b4543c6076d63b4fadeeb78f2e2f87267f53728102ee7daab41c
  
Dropping
FormBook

Comments