MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0221d06009b9848a3e1be34405fef1d586b84d115f10109de8f9c2e4806b6f40. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 9



SHA256 hash: 0221d06009b9848a3e1be34405fef1d586b84d115f10109de8f9c2e4806b6f40
SHA3-384 hash: 9b1de729d3194cd4fb974207ed6ffc8afa2f9d40ef2875bd5091b07428a177851567f78e5631001c3e12c79c38351a69
SHA1 hash: 8431d25f8e5ae6070c369769628b96580d1a2c51
MD5 hash: edcc3636602c6ab944bfa6d5372649d9
humanhash: crazy-high-nuts-whiskey
File name: 0221d06009b9848a3e1be34405fef1d586b84d115f10109de8f9c2e4806b6f40.jar
File size: 17'906'007 bytes
First seen: 2026-03-17 13:55:37 UTC
Last seen: Never
File type: Java file jar
MIME type: application/zip
ssdeep: 393216:tDLHD4oru3NKMYfFZLDLnF5YERMIPDKu2T2vvKM9EY:tD/4OudKbrLDLF5HJB2TQrn
TLSH: T1DF071122E046B5F5D99B143620A300A2353D22F6E54BC07894E8AD7E8D5FC4A3F5DB7E
TrID: 77.1% (.JAR) Java Archive (13500/1/2)
22.8% (.ZIP) ZIP compressed archive (4000/1)
Magika: jar
Reporter: JAMESWT_WT
Tags: jar SugarSMP

Intelligence


File Origin
# of uploads: 1
# of downloads: 62
Origin country: IT
Vendor Threat Intelligence
No detections
Malware family: n/a
ID: 1
File name: 0221d06009b9848a3e1be34405fef1d586b84d115f10109de8f9c2e4806b6f40.jar
Verdict: Malicious activity
Analysis date: 2026-03-17 13:57:18 UTC
Tags: anti-evasion discord evasion stealer aegis

Note: ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Verdict: Malicious
Score: 70%
Tags: shellcode
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: anti-vm bash evasive lolbin macros-on-close wmic
Verdict: Malicious
File Type: jar
Detections: HEUR:Trojan-PSW.Java.Generic HEUR:Trojan-PSW.Java.Stealer.gen
Result
Malware family: n/a
Score: 7/10
Tags: defense_evasion
Behaviour
Suspicious use of WriteProcessMemory
Views/modifies file attributes
Loads dropped DLL
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
