MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 737a0a98af8680ae43e71664f863147f13473480697767dee2dd0264623d0a90. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Formbook

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	737a0a98af8680ae43e71664f863147f13473480697767dee2dd0264623d0a90
SHA3-384 hash:	54c2776a1d822d604c7771f34889ace26590f9eae06e6da143d98efee6aa49e8cbdd766e2e42f9033d9b8b7408eb867a
SHA1 hash:	6a75dce080efe9a41cef7722b5de20e56d3e048b
MD5 hash:	02315370bebb36c0659a66a435b04e0a
humanhash:	nineteen-chicken-five-nineteen
File name:	유티아이테크-발주서 송부의건..gz
Download:	download sample
Signature	Formbook Create hunting rule
File size:	457'314 bytes
First seen:	2020-10-26 10:09:51 UTC
Last seen:	Never
File type:	gz
MIME type:	application/x-rar
ssdeep	12288:ib21NkYLQXNUIGQmPqkG3fU+HrhUKNLZIB:Z1NPLuNUI6PLG3fjlNQ
TLSH	BAA423A0735EC16C5CEF2E766E60E71DCEFA5B09C20B48522A7B83026363A535E4E543
Reporter	abuse_ch
Tags:	FormBook geo gz KOR

abuse_ch

Malspam distributing unidentified malware:

HELO: mail-smail-vm46.hanmail.net
Sending IP: 203.133.180.234
From: UTITECH <wine1072@hanmail.net>
Subject: 유티아이테크-발주서 송부의건
Attachment: 유티아이테크-발주서 송부의건..gz (contains "유티아이테크-발주서 송부의건..exe")