MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7fb4179528efb33ae2857193ccd09307b4e6a803ea957544ef6024ed246e5493. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


FormBook


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7fb4179528efb33ae2857193ccd09307b4e6a803ea957544ef6024ed246e5493
SHA3-384 hash: b0f51da01dadc36d39644c6d87f962b122c16e792f2140dee43a8aa4451938a3cd293b2df52d334165bb7e122f4b00b7
SHA1 hash: 3cc4d7cadf2e36379cbf95642698fbd59e26344d
MD5 hash: e3f7b8ab895307f153b7ff5e6319adb5
humanhash: april-august-quiet-snake
File name:USDE9749.rar
Download: download sample
Signature FormBook
Create hunting rule
File size:557'234 bytes
First seen:2020-10-09 10:41:54 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:GYI4i/dSEAjmfjM2bsCnJ5zSkbCAuJ+q8sNyVRQ:ZI4GdSECmrmCn2Qqv8s4VRQ
TLSH 7DC42363A1272486293C945CD31DEDDC3560DAA8EC7F4EE2136614E67CA1BE8E31EC43
Reporter abuse_ch
Tags:FormBook rar Yahoo


Avatar
abuse_ch
Malspam distributing FormBook:

HELO: sonic312-20.consmr.mail.bf2.yahoo.com
Sending IP: 74.6.128.82
From: susan harrell <susan88harreil@yahoo.com>
Subject: : Fwd: Wire Transfer Payment
Attachment: USDE9749.rar (contains "k7j7Sua3JrEZNPR.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
118
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/7fb4179528efb33ae2857193ccd09307b4e6a803ea957544ef6024ed246e5493/
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=p62bpfji56ztvyufogj4zueta62onkad5kkxkrhpmaso2jdoksjq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/7fb4179528efb33ae2857193ccd09307b4e6a803ea957544ef6024ed246e5493

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

FormBook

rar 7fb4179528efb33ae2857193ccd09307b4e6a803ea957544ef6024ed246e5493

(this sample)

FormBook

Executable exe f4854fb409d136b74193144c50c888b36bbbbcde71b52acb5f8177a862ebd76c

  
Dropping
MD5 80338c0fd0b356384c5c238cd0167aa6
  
Dropping
FormBook
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 f4854fb409d136b74193144c50c888b36bbbbcde71b52acb5f8177a862ebd76c

Comments