MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 df9d0cffe8e5d089a342bb251805f4b080ceb00309a883a1a09df0f3598dbfa2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 2 File information 3 Yara Comments

SHA256 hash: df9d0cffe8e5d089a342bb251805f4b080ceb00309a883a1a09df0f3598dbfa2
SHA3-384 hash: c7eadb4e0653e99d3d2a07ddf4069d1f3b4406b2e704c383cb58e90521730bc5d365e68ad1b54643f49a6c0cabd88e4f
SHA1 hash: 63d244236d00cd7d5c01f48721e7ffc4f9e5d04f
MD5 hash: 68e00b13fe067a39c9b57a5e6f440530
humanhash: uncle-chicken-low-winter
File name:df9d0cffe8e5d089a342bb251805f4b080ceb00309a883a1a09df0f3598dbfa2.rar
Download: download sample
Signature Formbook
File size:220'812 bytes
First seen:2020-06-30 06:22:15 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 3072:o0FgHV0jRzM7wv8RX9wn5YyrtyvaceYgdls1Ay+ZSpJyaCOrdkHJjWUs0RA:dNjTstwnlrYQcaSpY1OrdsJjW90RA
TLSH 48242204388E0AFEB27B7F079C16BA8EC5E817D91C9CDBCB67631091DD7206871985B6
Reporter @Jouliok
Tags:FormBook rar

Intelligence


Mail intelligence
Trap location Impact
DE Germany Low
Global High
# of uploads 1
# of downloads 31
Origin country GB GB
ClamAV No detection
CERT.PL MWDB Detection:n/a
Link: https://mwdb.cert.pl/sample/df9d0cffe8e5d089a342bb251805f4b080ceb00309a883a1a09df0f3598dbfa2/
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Formbook
First seen:2020-06-30 06:24:06 UTC
AV detection:12 of 31 (38.71%)
Threat level:   2/5
Spamhaus Hash Blocklist :Suspicious file
VirusTotal:Virustotal results 8.20%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Formbook

rar df9d0cffe8e5d089a342bb251805f4b080ceb00309a883a1a09df0f3598dbfa2

(this sample)

  
Delivery method
Distributed via e-mail attachment

Comments