MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9331a38f43ec6aaab6befc765608cccdacce805fe0ac8439bc880211caf868e2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Formbook

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	9331a38f43ec6aaab6befc765608cccdacce805fe0ac8439bc880211caf868e2
SHA3-384 hash:	ce7785349c65be815394499f74f82053962f5dc3d9ec712971e0a0cb70ed9f0843d4f9f59aa1fa91ad388f6312b21c25
SHA1 hash:	4e60f877f9e5312ec58aba7e3e0b1eb04f0601a6
MD5 hash:	3d879819c7c76cea16e69ae2bb0376bd
humanhash:	triple-texas-four-november
File name:	FC 21565 Project Specification_PDF.7z
Download:	download sample
Signature	Formbook Create hunting rule
File size:	1'019'199 bytes
First seen:	2020-11-07 10:19:55 UTC
Last seen:	Never
File type:	7z
MIME type:	application/x-rar
ssdeep	24576:lG7+AXS7tKy7Fl4EnAN5Yi52Ufs8jXffs+GvCM3/:Q770KyhlJO46HsL7
TLSH	0D25333777B7E398B59070CCAB2DB18B306E2FC56D050426EC6E141C9BBA1E6D1875E2
Reporter	abuse_ch
Tags:	7z FormBook

abuse_ch

Malspam distributing unidentified malware:

HELO: server.leainterhotel.com
Sending IP: 185.200.242.182
From: Yasir Khan <info@europe.pall.com>
Reply-To: quotation@europe.pall.com
Subject: FC-21565 - SEPCO / ARAMCO & ENI MGS-I / BGCS 3 & 5 - RFQ PROJECT (OPEN QUOTE) // Quote # 2140-PSI-NOV-Rev 0 -2020
Attachment: FC 21565 Project Specification_PDF.7z (contains "FC 21565 Project Specification_PDF.exe")