MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 679a06d901ce3cc19b8b6988eb69867716204b7c7ab7b890f51b6cd7341afbe9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


FormBook


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 679a06d901ce3cc19b8b6988eb69867716204b7c7ab7b890f51b6cd7341afbe9
SHA3-384 hash: 08e3b0c192d44db082555c4d90f590f0f9e507a06fa7d3e7493b9fa67e0c7a28a3539a264471c284e9cd30e49057abd8
SHA1 hash: 59aa908d8a150c33250d79d5bfb01494c0fec473
MD5 hash: 1721bef130b4d6c9a337b9e94a4af6c7
humanhash: bacon-mango-two-jersey
File name:Quotation.uue
Download: download sample
Signature FormBook
Create hunting rule
File size:974'329 bytes
First seen:2020-07-09 07:32:28 UTC
Last seen:Never
File type: uue
MIME type:application/x-rar
ssdeep 24576:KbUGmJplcNznPzwQkGQWd6RWlDeob/dY/p0e:KbUGApcznsQkGHd6RO7Od
TLSH 0825334BB6F4BBB0406BD59CAB93785460B2C5ACD11491A876BC908A38D731FF312F79
Reporter abuse_ch
Tags:FormBook Outlook uue


Avatar
abuse_ch
Malspam distributing FormBook:

HELO: APC01-SG2-obe.outbound.protection.outlook.com
Sending IP: 40.92.253.83
From: Notification Team <vubengineering@hotmail.com>
Subject: REQUEST FOR QUOTATION
Attachment: Quotation.uue (contains "Quotation.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
78
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/679a06d901ce3cc19b8b6988eb69867716204b7c7ab7b890f51b6cd7341afbe9/
Threat name:
Archive-RAR.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-07-09 07:34:07 UTC
AV detection:
15 of 48 (31.25%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=m6nanwibzy6mdg4lngeow2mgo4lcas34pk33rehvdnwnona27puq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

FormBook

uue 679a06d901ce3cc19b8b6988eb69867716204b7c7ab7b890f51b6cd7341afbe9

(this sample)

FormBook

Executable exe f163f4788da0d445dec687df7d215b6af3c4bea10589fa268e6aff20ff335510

  
Dropping
MD5 20309cd20656f768b78cf8ee47aba6bd
  
Dropping
FormBook
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 f163f4788da0d445dec687df7d215b6af3c4bea10589fa268e6aff20ff335510

Comments