MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA 1 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529
SHA3-384 hash: 2a941bd0b52cafdc784b5fac2f9252983f8f7f0df3347b385100a76ad40fa8377a4c7405fa0fa13c46a826c44778c8fb
SHA1 hash: 92e9dcaf7249110047ef121b7586c81d4b8cb4e5
MD5 hash: 0ff6abe0252d4f37a196a1231fae5f26
humanhash: football-aspen-crazy-island
File name:07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529.bin
Download: download sample
File size:44'580 bytes
First seen:2026-04-27 06:13:29 UTC
Last seen:2026-05-17 10:40:20 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash c8bf06793ceb6bc97d4c171ba233a333
ssdeep 384:sdSiaLb/N8c7FX9X7vnwApsb69uGENx9uGENvisRj3aOf7JhpIHohwIHuENv7i6U:sIF8c7Ft73psb4nfV/IHkwIKPv
TLSH T18C13FB95B7C64812ECAA0D30DACA2331B7BBF4053E5B4F03525913AD1E577817E9AF22
TrID 25.6% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
25.3% (.EXE) Win64 Executable (generic) (6522/11/2)
17.5% (.EXE) Win32 Executable (generic) (4504/4/1)
8.0% (.ICL) Windows Icons Library (generic) (2059/9)
7.8% (.EXE) OS/2 Executable (generic) (2029/13)
Magika pebin
Reporter KodaDr
Tags:exe fast16 OT


Avatar
KodaDr
https://www.sentinelone.com/labs/fast16-mystery-shadowbrokers-reference-reveals-high-precision-software-sabotage-5-years-before-stuxnet/

Fast16.3

Intelligence

File Origin
# of uploads :
2
# of downloads :
111
Origin country :
RU RU
Vendor Threat Intelligence
No detections
Malware family:
n/a
ID:
1
File name:
exe
Verdict:
No threats detected
Analysis date:
2026-04-27 06:16:01 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/f99848aa-d5a0-410d-996f-6e66d62e8760

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/63741/
Detection(s):
SecuriteInfo.com.Trojan.Fast16.2.22589.11233.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
93.3%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69eefecd51cce3ff70306084
Tags:
shellcode injection virus
Result
Verdict:
Clean
Maliciousness:

Behaviour
DNS request
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
anti-debug masquerade microsoft_visual_cc overlay
Link:
https://www.filescan.io/uploads/69eefec681aa9ec3bc2a8cd7/reports/ce77c908-a3bc-41eb-86cf-c7842f7e2637/overview
Verdict:
Malicious
Labled as:
GrayWare[AdWare]/Presenoker
Link:
https://www.hybrid-analysis.com/sample/07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529
Verdict:
Malicious
File Type:
sys x32
First seen:
2026-04-24T03:43:00Z UTC
Last seen:
2026-04-27T11:45:00Z UTC
Hits:
~100
Link:
https://opentip.kaspersky.com/07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529/results?tab=lookup
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/2d3d8726-7164-4d81-ab66-7752bda1df9d
Score:
10%
Verdict:
Benign
File Type:
PE
Link:
https://malprob.io/report/07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529/
Threat name:
Win32.Trojan.Fast16
Create hunting rule
Status:
Malicious
First seen:
2016-10-10 21:32:01 UTC
File Type:
PE (Sys)
AV detection:
11 of 36 (30.56%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=a7dj7qzsohhvulhahla75v5dwfrvplwaspc37hxwd672inenauuq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260427-gzkkwaft9k/
Unpacked files
SH256 hash:
07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529
MD5 hash:
0ff6abe0252d4f37a196a1231fae5f26
SHA1 hash:
92e9dcaf7249110047ef121b7586c81d4b8cb4e5
Link:
https://www.unpac.me/results/8504ef4a-80ba-41ff-ab08-989c94cf5cfd/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/07c69fc33271cf5a2ce03ac1fed7a3b16357aec093c5bf9ef61fbfa4348d0529

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:CP_Script_Inject_Detector
Create hunting rule
Author:DiegoAnalytics
Description:Detects attempts to inject code into another process across PE, ELF, Mach-O binaries

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/63741/

Comments