MalwareBazaar Database

You are browsing the malware sample database of MalwareBazaar. If you would like to contribute malware samples to the corpus, you can do so through either using the web upload or the API.


497

Submissions (past 24 hours)

AgentTesla

Most seen malware family (past 24 hours)

569'545

Malware samples in corpus


Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database


Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

  • md5:1b109efade90ace7d953507adb1f1563 ( run)
  • sha256:11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44 ( run)
  • signature:CobaltStrike ( run)
  • tag:TA505 ( run)
  • file_type:rtf ( run)
  • user:malware_traffic ( run)
  • clamav:SecuriteInfo.com.Artemis1FBB04F6EAF7.17086.UNOFFICIAL ( run)
  • yara:win_asyncrat_j1 ( run)
  • serial_number:51CD5393514F7ACE2B407C3DBFB09D8D ( run)
  • issuer_cn:Sectigo RSA Code Signing CA ( run)
  • imphash:756fdea446bc618b4804509775306c0d ( run)
  • tlsh:8DD484F440EF10A2F25F852936ADBE9401B2B1C7DBDA5E08137DE5311BBDA633A0564D ( run)
  • telfhash:52d0a7c198b4972c99e60578ed5c5bb29106216620070b20cf10a5d4d83b440f40db59 ( run)
  • gimphash:b43f35a8610180bcb184238555a0858a6c160a2d872566e7e9633221308b34fd ( run)
  • dhash_icon:f8dcbeffbffecee8 ( run)

Date (UTC)SHA256 hashTypeSignatureTagsReporterDL
2022-08-05 22:5005379ea4600304f51cffa8d1ee9e3b2931a69129f6bed14d45a500d966a71fcaExecutable exeDCRatDCRat exe @abuse_ch