Statistics

Top Reporters Signatures (Malware Family) Most downloaded Malware Samples Most discussed Malware Samples Most used tags Clamav signature ReversingLabs CAPE Sandbox CERT.PL MWDB File Types imphashes ssdeep

Number of submissions (past 30 days)

The chart below documents the number of submissions (unique malware samples) to MalwareBazaar per day over a period of 30 days.


Top Reporters

It wouldn't be possible to operate MalwareBazaar without the help of volunteers who contribute malware samples to MalwareBazaar. The table below shows the top reporters and their Twitter handle.

RankReporterSubmissions
1Twitter @abuse_ch26'953
2Twitter @JAMESWT_MHT6'767
3Twitter @jarumlus5'154
4Twitter @SecuriteInfoCom4'204
5Twitter @defconisov3r2'312
6Twitter @cocaman1'739
7Twitter @Jouliok1'679
8Twitter @James_inthe_box1'202
9Twitter @raashidbhatt1'104
10Twitter @Marco_Ramilli962
11Twitter @viql759
12Twitter @c_APT_ure510
13Twitter @tildedennis462
14Twitter @malware_traffic254
15Twitter @Racco42226

Top Malware Family

Most seen malware family (signature) associated with malware samples on MalwareBazaar.

Most downloaded Malware Samples

Most downloaded malware samples on MalwareBazaar.

DownloadsMalware SampleTypeSignatureReporter
1'841f0ad6a854cc6b8511c0499267c59c3e9a987845c912f3da030dd5a2201978385 shTwitter @defconisov3r
1'828426110407bdba9dfe5a4f6d39d6369c8baf47008d7738765c3eb7d1ee62e3344Executable exeAgentTeslaTwitter @James_inthe_box
1'82402419de92a33a88bc17701008182ca9f7ea8d4645311b837b98738acdea83254 shTwitter @defconisov3r
1'8185470f0644589685000154cb7d3f60280acb16e39ca961cce2c016078b303bc1bunknownTwitter @Threat_hunts
1'8180a1375c20684fb7bba86548825e2e16ce0ad34c21da4b562e8774df154aa8c67 cabTwitter @cocaman
1'816afb4b0092c76214b9ac99cf9c00ae56163916c04e7713bd56a38abf07a81a7d7 htmlTwitter @TheGing3rm4n
1'813455e09d22b9e9b172e5cf25a87f70c079bf97edc0295251a42f48211caf5043fVisual Basic Script (vbs) vbsTwitter @creP_R2point0
1'8127fad486d054e36626a9842c99b2ff58dbf9e264d8faf45b3376afa02f0e829a7 shTwitter @defconisov3r
1'80942f8b10e4051c44e24067701b80674ac907fb49435cbb300e6b3fd6902d3de27unknownTwitter @defconisov3r
1'807c2577719ac323c385fdae61c336d5582472c2441ac1ec0699ec0948305ae8786 shTwitter @defconisov3r
1'80537ed866abc19465aa2172d651bbd3ffe2836add54ba3065ff7189f1a75410d9funknownTwitter @Marco_Ramilli
1'803b4e670799c0a241b69b231fd9a1d3c2e2a29b4d4d67c9bf746c01a6f19b0210d shTwitter @defconisov3r
1'79961043ee383ff19ba6d5e65e455dd8d1170f1f6365dfb9c9c0764171f519ceb55 shTwitter @defconisov3r
1'798ac35daaaeffa295d164584b7f41ae260f09421e7feb4b0eb4f5f72d8a62f1429 shTwitter @defconisov3r
1'798cf932ebbd2a2684dec9a823f2c223ef1666a18683dc342f45d71d99508624e88 shTwitter @defconisov3r

Most discussed Malware Samples

Most discussed (commented) malware samples on MalwareBazaar.

CommentsMalware SampleTypeSignature
1097bb6f30d2fe5546a810da356e41652d1bccfe2130cf77dec36b9ee17c19259dExcel file xlsDridex
47277388a0a82e85fe6eb38ed47bd5640c74f10be64ee6e9b8610c49b73328859 7zHawkEye
3e97b35c4339e0412571a445b2fe20e30fe91585cad505820b56a098a66e54c23Executable exeAgentTesla
30994e0972430f7cf02b66c290b6e62666c14da2ca9ad369e7cf5447313dc8550Executable exeTrickBot
2251643f0b539eb872ebeb216f1b71f0f8dc8301276ea63dbfdf10a7267ac7379 zip 
29aa75631b7a56a84117e5aed0540fb74dfcde2c36d52744156381c9161603e28 zip 
24489591775f245687f693d6c2463835297e0908c9f7501e53567bc9369a73b91 zip 
23fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6 zip 
22cf671173d9af2f550adcb58b7c8aa914164d52400363680cf476af85b9bfab2Executable exeAgentTesla
2106c696661843eecc63c0fb98ddb77402172b50c7b33be3a59984531ce6a9b64 imgGuLoader

Top Tags

Most seen tags associated with malware samples on MalwareBazaar.

Top ClamAV signature

Most seen ClamAV signature detecting malware samples on MalwareBazaar.

ReversingLabs

Top threat name matching malware samples on MalwareBazaar.

CAPE Sandbox

Top detection matching malware samples on MalwareBazaar.

CERT.PL MWDB

Top malware family on MalwareBazaar.

Top File Types

Most seen file types associated with malware samples on MalwareBazaar.

Top imphashes

Most seen imphashes on MalwareBazaar.

Malware SampleimphashTop 4 Signatures
14'171f34d5f2d4577ed6d9ceec516c1f5a744AgentTesla Formbook njrat NanoCore
1'2400b23b9ad9f12b8fc28e61bff35382e32TrickBot
9553d95adbf13bbe79dc24dccb401c12091AgentTesla NanoCore Loki HawkEye
806afcdf79be1557326c854b6e20cb900a7AgentTesla RemcosRAT NanoCore Loki
5174f055c6d104f67955b2fc107928fe0dcHeodo
374d97b710a90a979a9ba1fac5e1ea6c332Gozi Heodo
327c8c95a8437da5797cf192c4cf27b186fGozi
31230625d671f2d3abf2a3e2df54581f47bTrickBot
3000885b2b2b5829577912d5197330fc416TrickBot
269bac78d68d76cec273167912251c74570Plugx

Top ssdeep hashes

Most seen ssdeep hashes on MalwareBazaar.

Malware SamplessdeepSignature(s)
3733072:IFNthWQl/rSJ7lvt9filcZritkrINAEYsm2:IBhWQ/mJLflrOAp2Gozi Heodo
30712288:xyP2Md2hn+tDKFtKwK5KLK6KYK5KlK3K1aoNl7Mv+lwVwy:grdO+tDKFQoNOmlTrickBot
15112288:OrQ0n1IYaHUBzy7JJI7vJ0GKjp5VCU/U+hdNt:RM1IYaHI8JJuvuGWp9lhpTrickBot
1516144:otEtEtEtEtEtEtEtEtEtEt9WO2gUXdCpnZavQq:Ceeeeeeeeee9xwcaGozi
676144:uXKJlnagpOWod1+3Ea6dDeCR7yaEnC+lbUGhclavUr1M5Hs+cI9:rpwYGRb+lbUqcl2Ur25Hs5ITrickBot
5324576:J6Hgf/6dDtGFJNk0Lx9RuUp9RZhWtnRO64Adfo/AS0joDfm6D+fQl8qOPBrE9+y:J6Hgf/6dDtGFJNk0Lx9RuUp9RZhWtq+yDarkComet DarktrackRAT
441536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUGLoki
3512288:QboBb/W9ANGBAFb5i0P6HfewKQLYg0yCx:4xBAiAHwfzTrickBot
316144:XllmzPYXUMm0hj++Mz+wFGac08SAfl+MA5yk:KrYnm+wFgHelTrickBot
283072:/drfV7YqW8waq6ciakIC/BwdrZ4P8Y5gla79yQ1yAnYgoFC3Wxl2G7mr3HWJtRIn:FrV7YqW83q6ciH/B6QZn8nTIIcedID