MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9374c211fc924cac59bacbe5a688f3a25f740cb324d58b239da0c070b7393749. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: 9374c211fc924cac59bacbe5a688f3a25f740cb324d58b239da0c070b7393749
SHA1 hash: 29c773b71fff8c23cd2b85d3ceed990b7f3b9404
MD5 hash: 1c3d2dae318e1747e77626592a53186d
File name:DHL293413110038.exe
Download: download sample
Signature FormBook
File size:393'216 bytes
First seen:2020-05-22 13:43:44 UTC
Last seen:2020-05-22 15:01:51 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 6144:TDOQxwqyqhp2/Q4xKO1ktqThKT5D0ISq/AXK6eew3Fs8wQqI8LVZWr50bzV:HOSwqyqhpqQEKO1aqThOJSqKsew3m8ml
TLSH 1C849D2423CC8557CAADC5B7C0D2590343E8E46E098FA78ADCD9A1EA7F573B3D842587
Reporter @abuse_ch
Tags:DHL exe FormBook

Malspam distributing FormBook:

Sending IP:
From: DHL <>
Subject: DHL Pickup Confirmation DHL293413110038
Attachment: DHL293413110038.IMG (contains "DHL293413110038.exe")


Mail intelligence
Trap location Impact
Global Low
# of uploads 2
# of downloads 31
Origin country US US
VirusTotal:Virustotal results 33.33%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



Executable exe 9374c211fc924cac59bacbe5a688f3a25f740cb324d58b239da0c070b7393749

(this sample)

Delivery method
Distributed via e-mail attachment