MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8affbb4a04373dee6a02c44e09f7bb644aa224adfac81eb330457a358df4fe29. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MicroStealer


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8affbb4a04373dee6a02c44e09f7bb644aa224adfac81eb330457a358df4fe29
SHA3-384 hash: 310bfb912a4a3dccf1116a1bfb461e767d6fe05fe8c404683dcc815cd0aeebe85fc9edbcb76f62e2187a42de26f54beb
SHA1 hash: 2ffe9a9cf5b19399469635a3024a6776ff3f8b4e
MD5 hash: 1b29b5ce99eb5040be2192cae662bc5a
humanhash: indigo-seventeen-zebra-mountain
File name:loader.exe
Download: download sample
Signature MicroStealer
Create hunting rule
File size:89'353'728 bytes
First seen:2026-02-08 09:31:19 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 359e649ab913e838011b9d61180c7f7f (1 x MicroStealer)
ssdeep 786432:U4WW714JtHT4bC6UvH2zMbDSpgPVlcmp:U4Wu4JtHT+nzmNb
TLSH T13A187D13B3A705D5E8FBDA7096E652236932BC066F3095DF324C07262F73AE05A76B11
TrID 63.5% (.EXE) Win64 Executable (generic) (10522/11/4)
12.2% (.EXE) OS/2 Executable (generic) (2029/13)
12.0% (.EXE) Generic Win/DOS Executable (2002/3)
12.0% (.EXE) DOS Executable Generic (2000/1)
Magika pebin
Reporter abuse_ch
Tags:de-pumped exe MicroStealer

Intelligence

File Origin
# of uploads :
1
# of downloads :
2'537
Origin country :
NL NL
Vendor Threat Intelligence
Details
Link:
https://research.acce.ciphertechsolutions.com/results/04c19587-8f42-4156-9708-01e31e79663e/
Malware family:
n/a
ID:
1
File name:
loader.exe
Verdict:
No threats detected
Analysis date:
2026-02-08 09:34:44 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/b2a9ca46-6824-4301-b787-503b58a36adc

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=698858394c8b031249cd5aa9
Tags:
n/a
Result
Verdict:
Clean
Maliciousness:

Behaviour
Creating a file
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
adaptive-context anti-debug crypto fingerprint microsoft_visual_cc
Link:
https://www.filescan.io/uploads/69885826930564ff3c921517/reports/9681e1a9-4edf-4f3d-b0e8-90dd21831342/overview
Verdict:
Suspicious
Labled as:
Malware_51.8
Link:
https://www.hybrid-analysis.com/sample/8affbb4a04373dee6a02c44e09f7bb644aa224adfac81eb330457a358df4fe29
Verdict:
Clean
File Type:
exe x64
First seen:
2026-02-08T08:04:00Z UTC
Last seen:
2026-02-08T08:15:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/8affbb4a04373dee6a02c44e09f7bb644aa224adfac81eb330457a358df4fe29/results?tab=lookup
Result
Threat name:
n/a
Detection:
clean
Classification:
n/a
Score:
2 / 100
Link:
https://www.joesandbox.com/analysis/1865463
Behaviour
Behavior Graph:
n/a
Score:
0%
Verdict:
Benign
File Type:
PE
Link:
https://malprob.io/report/8affbb4a04373dee6a02c44e09f7bb644aa224adfac81eb330457a358df4fe29
Gathering data
Verdict:
Clean
Link:
https://tip.neiki.dev/file/8affbb4a04373dee6a02c44e09f7bb644aa224adfac81eb330457a358df4fe29
Threat name:
Win64.Malware.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2026-02-08 09:32:38 UTC
File Type:
PE+ (Exe)
Extracted files:
18
AV detection:
5 of 24 (20.83%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=rl73wsqeg46642qcyrhat553mrfkejfn7leb5mzqiv5dldpu7yuq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260208-lhsmdagz6e/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

MicroStealer

zip 5b4a71057e82b3c22f8c585d64ac367f8dc01d12359e432fa9c525253f474e8e

MicroStealer

Executable exe 8affbb4a04373dee6a02c44e09f7bb644aa224adfac81eb330457a358df4fe29

(this sample)

  
Dropped by
MD5 af04ac65c43f338075583ea164e1458a
  
Dropped by
SHA256 5b4a71057e82b3c22f8c585d64ac367f8dc01d12359e432fa9c525253f474e8e

Comments