MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 eaa6f0f01dba6489d0dc63d8ca4ce302aa991634aee7c7844a6863f1ddd252fb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: eaa6f0f01dba6489d0dc63d8ca4ce302aa991634aee7c7844a6863f1ddd252fb
SHA3-384 hash: c2c445127902e7c13c219c9130c287f13f3285eace40776538f9aa47c4fc7f93afcab678f7b5028dd1679fcbd5f2ae1b
SHA1 hash: db9c5152facc7ee2a4b01ec4d85c1159054e5ff8
MD5 hash: 45d439f8c5a31999e0c3c8b1462a5668
humanhash: apart-spaghetti-bulldog-black
File name: Acount Details.iso
Signature: FormBook
File size: 360'448 bytes
First seen: 2020-06-30 12:09:45 UTC
Last seen: Never
File type: iso
MIME type: application/x-iso9660-image
ssdeep: 6144:GOXVqAa5ErcfDCCGo8qk0lnvgS3FHLQB/EXhBsiPlN3Vj4:GOFqAkTUqk0lnvftQ2XhdPX3VM
TLSH: 9874F132B3B56B28EAB997B691B160100FB7B90B5470C269BDAC35CA0F73750D211F67
Reporter: @abuse_ch
Tags: FormBook iso


Twitter
@abuse_ch
Malspam distributing FormBook:

HELO: mta2.centosvps.xyz
Sending IP: 185.163.44.88
From: worldtradingitems@gmail.com
Attachment: Acount Details.iso (contains "Acount Details.com")

Intelligence


Mail intelligence
Trap location: Global
Impact: Low
# of uploads: 1
# of downloads: 27
Origin country: US
ClamAV: SecuriteInfo.com.Generic-EXE.UNOFFICIAL
CERT.PL MWDB:
  Detection: n/a
  Link: https://mwdb.cert.pl/sample/eaa6f0f01dba6489d0dc63d8ca4ce302aa991634aee7c7844a6863f1ddd252fb/
ReversingLabs:
  Status: Malicious
  Threat name: ByteCode-MSIL.Trojan.Geniso
  First seen: 2020-06-30 12:11:07 UTC
  AV detection: 13 of 31 (41.94%)
  Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
VirusTotal: No data

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam
FormBook
iso eaa6f0f01dba6489d0dc63d8ca4ce302aa991634aee7c7844a6863f1ddd252fb (this sample)

Dropping: FormBook
Delivery method: Distributed via e-mail attachment

Comments