Statistics

Top Reporters Signatures (Malware Family) Most downloaded Malware Samples Most discussed Malware Samples Most used tags Clamav signature ReversingLabs CAPE Sandbox CERT.PL MWDB File Types imphashes ssdeep

Number of submissions (past 30 days)

The chart below documents the number of submissions (unique malware samples) to MalwareBazaar per day over a period of 30 days.

Top Reporters

It wouldn't be possible to operate MalwareBazaar without the help of volunteers who contribute malware samples to MalwareBazaar. The table below shows the top reporters and their Twitter handle.

Rank	Reporter	Submissions
1	@lazyactivist192	63'162
2	@Seifreed	48'946
3	@abuse_ch	44'118
4	@Cryptolaemus1	34'885
5	@JAMESWT_MHT	10'145
6	@SecuriteInfoCom	5'481
7	@FORMALITYDE	5'407
8	@jarumlus	5'257
9	@cocaman	4'439
10	@James_inthe_box	2'390
11	@defconisov3r	2'312
12	@GovCERT_CH	1'911
13	@Jouliok	1'889
14	@malware_traffic	1'235
15	@raashidbhatt	1'104

Top Malware Family

Most seen malware family (signature) associated with malware samples on MalwareBazaar.

Most downloaded Malware Samples

Most downloaded malware samples on MalwareBazaar.

Downloads	Malware Sample	Type	Reporter
2'445	f0ad6a854cc6b8511c0499267c59c3e9a987845c912f3da030dd5a2201978385	sh	@defconisov3r
2'368	afb4b0092c76214b9ac99cf9c00ae56163916c04e7713bd56a38abf07a81a7d7	html	@TheGing3rm4n
2'359	0a1375c20684fb7bba86548825e2e16ce0ad34c21da4b562e8774df154aa8c67	cab	@cocaman
2'359	02419de92a33a88bc17701008182ca9f7ea8d4645311b837b98738acdea83254	sh	@defconisov3r
2'353	5470f0644589685000154cb7d3f60280acb16e39ca961cce2c016078b303bc1b	unknown	@Threat_hunts
2'340	7fad486d054e36626a9842c99b2ff58dbf9e264d8faf45b3376afa02f0e829a7	sh	@defconisov3r
2'339	455e09d22b9e9b172e5cf25a87f70c079bf97edc0295251a42f48211caf5043f	vbs	@creP_R2point0
2'333	42f8b10e4051c44e24067701b80674ac907fb49435cbb300e6b3fd6902d3de27	unknown	@defconisov3r
2'332	b4e670799c0a241b69b231fd9a1d3c2e2a29b4d4d67c9bf746c01a6f19b0210d	sh	@defconisov3r
2'331	c2577719ac323c385fdae61c336d5582472c2441ac1ec0699ec0948305ae8786	sh	@defconisov3r
2'331	37ed866abc19465aa2172d651bbd3ffe2836add54ba3065ff7189f1a75410d9f	unknown	@Marco_Ramilli
2'325	61043ee383ff19ba6d5e65e455dd8d1170f1f6365dfb9c9c0764171f519ceb55	sh	@defconisov3r
2'324	cf932ebbd2a2684dec9a823f2c223ef1666a18683dc342f45d71d99508624e88	sh	@defconisov3r
2'322	560393402e176329d8bf14ad5bef7ab8e1d079f62a569600bad6daba2ccd25e3	sh	@defconisov3r
2'322	eb4fdda796cd2cfef2d7ba81951817d4dbda6b777ea0f55e83b9307fb5bd6145	sh	@defconisov3r

Most discussed Malware Samples

Most discussed (commented) malware samples on MalwareBazaar.

Comments	Malware Sample	Type	Signature
10	97bb6f30d2fe5546a810da356e41652d1bccfe2130cf77dec36b9ee17c19259d	xls	Dridex
4	7277388a0a82e85fe6eb38ed47bd5640c74f10be64ee6e9b8610c49b73328859	7z	HawkEye
3	e97b35c4339e0412571a445b2fe20e30fe91585cad505820b56a098a66e54c23	exe	AgentTesla
3	f4841b9b9006e327d58c8d6fb6e1bb3699d05fcd10fcaf7adcdde47efccb13b3	zip
3	0994e0972430f7cf02b66c290b6e62666c14da2ca9ad369e7cf5447313dc8550	exe	TrickBot
3	667f88e8dcd4a15529ed02bb20da6ae2e5b195717eb630b20b9732c8573c4e83	doc	Phobos
2	251643f0b539eb872ebeb216f1b71f0f8dc8301276ea63dbfdf10a7267ac7379	zip
2	9aa75631b7a56a84117e5aed0540fb74dfcde2c36d52744156381c9161603e28	zip
2	4489591775f245687f693d6c2463835297e0908c9f7501e53567bc9369a73b91	zip
2	3fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6	zip

Top Tags

Most seen tags associated with malware samples on MalwareBazaar.

Top ClamAV signature

Most seen ClamAV signature detecting malware samples on MalwareBazaar.

ReversingLabs

Top threat name matching malware samples on MalwareBazaar.

CAPE Sandbox

Top detection matching malware samples on MalwareBazaar.

CERT.PL MWDB

Top malware family on MalwareBazaar.

Top File Types

Most seen file types associated with malware samples on MalwareBazaar.

Top imphashes

Most seen imphashes on MalwareBazaar.

Malware Sample	imphash	Top 4 Signatures
27'216	f34d5f2d4577ed6d9ceec516c1f5a744	AgentTesla Formbook njrat MassLogger
9'777	c9f7e018b269f1b5fe81cf757d6f8e93	Heodo
3'193	87bed5a7cba00c7e1f4015f1bdae2183	Netsky Rapid njrat VTFlooder
1'958	50f8a2255c4baf188eb0098c86160f78	Heodo
1'506	015974618e9105226f001019d35e62e5	Quakbot
1'433	676f4bc1db7fb9f072b157186a10179e	AveMariaRAT Riskware.Generic
1'367	6a92ab663de3ecd4063c87695c1ffbc2	Heodo TrickBot
1'343	afcdf79be1557326c854b6e20cb900a7	AgentTesla RemcosRAT NanoCore QuasarRAT
1'240	0b23b9ad9f12b8fc28e61bff35382e32	TrickBot
1'013	19668c85de12e47a09378b664ab8bd1f	Heodo

Top ssdeep hashes

Most seen ssdeep hashes on MalwareBazaar.

Malware Sample	ssdeep	Signature(s)
1'124	12288:J2+J+l5QvSoOUkQNPRoswLLjfsHJNF05s:AJl5QrrkQFCHspN4	Quakbot
1'123	12288:U2+J+l5QvSoOUkQGPRoswLLjfsHJNF05F:PJl5QrrkQOCHspN4	Quakbot
1'121	12288:l2+J+l5QvSoOUkQiPRoswLLjfsHJNF05h:8Jl5QrrkQaCHspN4	Quakbot
373	3072:IFNthWQl/rSJ7lvt9filcZritkrINAEYsm2:IBhWQ/mJLflrOAp2	Gozi Heodo
307	12288:xyP2Md2hn+tDKFtKwK5KLK6KYK5KlK3K1aoNl7Mv+lwVwy:grdO+tDKFQoNOml	TrickBot
180	384:/nqmQF9b8PdvtUuiyaFwrEnO2/7vUU2aGcuFjqZ5g:Sme9bodlpkqkOOjUdaGciq5g	Quakbot
180	384:PnqmQF9b8PdvtUuiyaFwrEnO2/7vUyV2aGcuFjqZUb:Cme9bodlpkqkOOjU/aGciqUb	Quakbot
180	384:fnqmQF9b8PdvtUuiyaFwrEnO2/7vUU2aGcuFjqZ5g:yme9bodlpkqkOOjUdaGciq5g	Quakbot
179	384:/nqmQF9b8PdvtUuiyaFwrEnO2/7vUjqN2aGcuFjqZM:Sme9bodlpkqkOOjUjqgaGciqM	Quakbot
179	384:/nqmQF9b8PdvtUuiyaFwrEnO2/7vUyV2aGcuFjqZUb:Sme9bodlpkqkOOjU/aGciqUb	Quakbot