MalwareBazaar Database
This page shows some basic information the YARA rule TelegramAPIMalware_PowerShell_EXE including corresponding malware samples.
Database Entry
| YARA Rule: | TelegramAPIMalware_PowerShell_EXE |
|---|---|
| Author: | @polygonben |
| Description: | Hunting for pwsh malware using Telegram for C2 |
| Firstseen: | 2025-10-22 15:30:08 UTC |
| Lastseen: | 2025-12-31 23:42:58 UTC |
| Sightings: | 396 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|