MalwareBazaar Database

You are browsing the malware sample database of MalwareBazaar. If you would like to contribute malware samples to the corpus, you can do so through either using the web upload or the API.


517

Submissions (past 24 hours)

Smoke Loader

Most seen malware family (past 24 hours)

568'499

Malware samples in corpus


Using the form below, you can search for malware samples by a hash (MD5, SHA256, SHA1), imphash, tlsh hash, ClamAV signature, tag or malware family.

Browse Database


Search syntax is as follow: keyword:search_term

Following is a list of accepted keywords along with an example search_term

  • md5:1b109efade90ace7d953507adb1f1563 ( run)
  • sha256:11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44 ( run)
  • signature:CobaltStrike ( run)
  • tag:TA505 ( run)
  • file_type:rtf ( run)
  • user:malware_traffic ( run)
  • clamav:SecuriteInfo.com.Artemis1FBB04F6EAF7.17086.UNOFFICIAL ( run)
  • yara:win_asyncrat_j1 ( run)
  • serial_number:51CD5393514F7ACE2B407C3DBFB09D8D ( run)
  • issuer_cn:Sectigo RSA Code Signing CA ( run)
  • imphash:756fdea446bc618b4804509775306c0d ( run)
  • tlsh:8DD484F440EF10A2F25F852936ADBE9401B2B1C7DBDA5E08137DE5311BBDA633A0564D ( run)
  • telfhash:52d0a7c198b4972c99e60578ed5c5bb29106216620070b20cf10a5d4d83b440f40db59 ( run)
  • gimphash:b43f35a8610180bcb184238555a0858a6c160a2d872566e7e9633221308b34fd ( run)
  • dhash_icon:f8dcbeffbffecee8 ( run)

Date (UTC)SHA256 hashTypeSignatureTagsReporterDL
2022-08-26 13:53143da094a0b60b89f54f5726d04a4bd22676cc3da41e3fd92e83df887608c84fphp machoCobaltStrikeCobalStrike CobaltStrike machO macOS @r3dbU7z
2022-05-27 08:42b117f042fe9bac7c7d39eab98891c2465ef45612f5355beea8d3c4ebd0665b45php macho machO macOS pymafka @Jouliok
2022-04-29 08:472a9296ac999e78f6c0bee8aca8bfa4d4638aa30d9c8ccc65124b1cbfc9caab5fphp macho Gimmick machO macOS @petikvx
2022-02-27 03:18f72932f0b41813415d531e3b6457a9bdbe16458f8f7a70000d5aae8adeceb4c0Java file jar artsploit jar macOS @r3dbU7z
2022-01-13 14:04812bcde2878b85992017351af4410c7b3ad097a434862aafb8fd97640d3d78b9 zipSysJokermacOS SysJoker zip @JAMESWT_MHT
2022-01-13 14:03e83f6fdf04928cf1be0cec6c4c5a583561a06b5c18b559dc2298ae174709bf68php machoSysJokermachO macOS SysJoker @JAMESWT_MHT
2022-01-13 13:45d0febda3a3d2d68b0374c26784198dc4309dbe4a8978e44bb7584fd832c325f0php macho machO macOS SysJoker @JAMESWT_MHT
2022-01-13 13:45fe99db3268e058e1204aff679e0726dc77fd45d06757a5fda9eafc6a28cfb8dfphp macho machO macOS SysJoker @JAMESWT_MHT
2021-10-22 07:36c19033444f29cb397cb64feed48c8343010c07565eb9c74f570dd4bca6fecee5 zip mac macOS OSX UpdateAgent WizardUpdate zip @JAMESWT_MHT
2021-10-22 07:18302ad1644228fadb3a049f9c9ee81fba763dab4993f8f9f1187cb97ff3e67567unknown mac macOS OSX UpdateAgent WizardUpdate @JAMESWT_MHT
2021-10-22 07:18373007eccde6d89930c2235160d18d7f4f268547ec789540cd6e1b08de3e7e96unknown mac macOS OSX UpdateAgent WizardUpdate @JAMESWT_MHT
2021-10-22 07:17f2d2f7d133309fe0afacbfac26475ac269c7413a97bf695c1360e0b468faf8d6 zip mac macOS OSX UpdateAgent WizardUpdate zip @JAMESWT_MHT
2021-10-22 07:17eafacc44666901a5ea3c81a128e5dd88d0968a400d74ef1da5c2c05dc6dd7a39unknown mac macOS OSX UpdateAgent WizardUpdate @JAMESWT_MHT
2021-10-22 07:1778b4478cd3f91c42333561abb9b09730a88154084947182b2ec969995b25ad78php macho mac macOS OSX UpdateAgent WizardUpdate @JAMESWT_MHT
2021-10-22 07:1700f78d0981f72d957946d6349ab87e9be22988418e15a870200f9adbe1384ce9 zip mac macOS OSX UpdateAgent WizardUpdate zip @JAMESWT_MHT
2021-10-22 07:17a98ecd8f482617670aaa7a5fd892caac2cfd7c3d2abb8e5c93d74c344fc5879cphp macho mac macOS OSX UpdateAgent WizardUpdate @JAMESWT_MHT
2021-10-22 07:17939cebc99a50989ffbdbb2a6727b914fc9b2382589b4075a9fd3857e99a8c92aphp macho mac macOS OSX UpdateAgent WizardUpdate @JAMESWT_MHT
2021-10-22 07:17c5017798275f054ae96c69f5dd0b378924c6504a70c399279bbf7f33d990d45bphp macho mac macOS OSX UpdateAgent WizardUpdate @JAMESWT_MHT
2021-10-22 07:177067e6a69a8f5fdbabfb00d03320cfc2f3584a83304cbeeca7e8edc3d57bbbd4php macho mac macOS OSX UpdateAgent WizardUpdate @JAMESWT_MHT
2021-08-02 09:3846adfe4740a126455c1a022e835de74f7e3cf59246ca66aa4e878bf52e11645dphp macho macOS OSX xloader @JAMESWT_MHT
2021-07-26 21:1297d6b194da410db82d9974aec984cff8ac0a6ad59ec72b79d4b2a4672b5aa8aaphp macho machO macOS xloader @is_henderson
2021-06-17 14:02902518be7e77136c91591bac4e51ea00a9143511aa9c63be908def3bbc992e8fWord file doc doc macOS macro @dez_
2021-05-14 19:42e66424d5939eec81a71bfc5e1dd9e991ac2f206a72280ba6b0f8a07c0198f57fphp macho arm64 Bundlor Mach-O macOS MapperState x86 @is_henderson
2021-05-07 17:55208000cf38921346c9b163e5ab4607de5bb5158ff5eb9765989d07f7d1c4593bphp macho Mach-O macOS upxHook @r3dbU7z
2021-04-29 23:4170c6f9da05046525605e2066185929c2659e27a3851dc43d8aa69e2692e6154funknown dmg gatekeeper macOS Shlayer Anonymous
2021-03-11 07:36409f1b4aeb598d701f6f0ed3b49378422c860871536425f7835ed671ba4dd908php macho macOS Silver Sparrow @JAMESWT_MHT
2021-03-11 07:36d710cc1d6928b251bf42e9066432b1890891283fc0d2f8e0699de9664cdc2a91unknown macOS Silver Sparrow @JAMESWT_MHT
2021-03-11 07:365c1704367332a659f6e10d55d08a3e0ab1bd26aa97654365dc82575356c80502php macho macOS Silver Sparrow @JAMESWT_MHT
2021-02-23 01:561c96afba69523dfea0d57e9b9c34334ea5d3db083ff47f66cc0b87de7f66c979unknown M1 mac macOS SilverSparrow @is_henderson
2021-02-23 01:564118baecea2847ae38b244739b0670859b4fb305f6e4bba1e473957c5d0f2912unknown mac macOS SilverSparrow x86_64 @is_henderson
2021-02-23 01:531decb4070db4dfe5d68ba502cf3a67de96a69ea6f3acfa4454795f96472ccc0dunknown mac macOS SilverSparrow x86_64 @is_henderson
2021-02-23 01:52c7dd06b20b64b64d3b155b6b77c2778a08ef6a6c0396d7537af411258e57af1eunknown M1 mac macOS SilverSparrow @is_henderson
2021-02-15 10:55b043424c3805be626f058a0f4958422b78481ceef7e51b6be26a20438993ed83php macho macOS Metasploit Shellcode @r3dbU7z
2021-01-19 21:450e1de810ebccdaf6ae70f6d02a44231b43c14c4357feff8a62fe4683e92277b0php machoMeterpreterbackdoor macOS Meterpreter @r3dbU7z
2020-10-01 17:01522a5015d4d11833ead6d88d4405c0f4119ff29b1f64b226c464e958f03e1434php macho IPStorm macOS @JAMESWT_MHT
2020-09-17 17:124cf88ff2bc165ff98d6e4b7d02d44126892fdb417bdc30aa3c8209b8cf4bb890php macho golang macOS Ransomware smaug @JAMESWT_MHT
2020-07-01 06:44f409b059205d9a7700d45022dad179f889f18c58c7a284673975271f6af41794php macho macOS OSX Ransomware @JAMESWT_MHT
2020-07-01 06:44d43291684d6412f537d7f2001c21ad58313643a3556b730c287aed2015624a31php macho macOS OSX Ransomware @JAMESWT_MHT
2020-07-01 06:43b24dd25b42e82a9b4a3fedf05913a4318154e6b04d7e54510f9d3dcf4c8d3438php macho macOS OSX Ransomware @JAMESWT_MHT
2020-07-01 06:431420302b6b023e7aa665bd421e6dc7808ed91f6c6689aeff35b80124fc04c10bphp macho macOS OSX Ransomware @JAMESWT_MHT
2020-07-01 06:426d8b9d052d6a324fced47690234291306cdc744613302a922c72390c4dedae42php macho macOS OSX Ransomware @JAMESWT_MHT
2020-07-01 06:423afb321a3e194a41da2ee825c922da21205cf64003e39b73ccc8b3a2fb80acbcphp macho macOS OSX Ransomware @JAMESWT_MHT