MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8eb5157b26419897c10a15f19e1b16c3fde5949e211c3c72444a2813f160f8a6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments

SHA256 hash: 8eb5157b26419897c10a15f19e1b16c3fde5949e211c3c72444a2813f160f8a6
SHA3-384 hash: 9c15f67034deab601a35e3d4ac397e431fa7a7bb960c0b7245b835c48d61da7ae7ef4bac621ff627e96698c497ddc3c3
SHA1 hash: 84459f977b18d0e0b14f0671e9c0229858a58e0c
MD5 hash: 72df881a8eb1af97800f545887beb56a
humanhash: eleven-magazine-idaho-wyoming
File name:ball
Download: download sample
Signature n/a
File size:233'472 bytes
First seen:2022-08-05 07:04:00 UTC
Last seen:Never
File type:unknown
MIME type:text/plain
ssdeep 6144:1Zal/6xnMC4gj5OQzMQ+APoAXfjgPj0qKEOrZY6UsOV:6l/9bYvzEz9j0qCW6DOV
TLSH T1FB34C032C567BEBB350D88CD540C0D855F7579A3863DA231E888C1A7B2CCF69866D4FA
Reporter @JAMESWT_MHT
Tags:208-67-105-125

Intelligence


File Origin
# of uploads :
1
# of downloads :
138
Origin country :
IT IT
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
MALICIOUS
Threat name:
Win32.Trojan.FormBook
Status:
Malicious
First seen:
2022-08-02 15:25:08 UTC
File Type:
Text (PowerShell)
AV detection:
13 of 40 (32.50%)
Threat level:
  5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments