MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AdaptixC2


Vendor detections: 13


Intelligence 13 IOCs YARA 3 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7
SHA3-384 hash: 43c6dbb1dc2b26fa3f55c6559c88422048250c1de30cf62281bb832b29ef468f241bebdafcda5b965ad3d046b76561ba
SHA1 hash: 98e6cc80191a4cbb324a3bceecb7689274ed3ffa
MD5 hash: db9d6f2434e960b380c4a6073cb85b24
humanhash: colorado-lake-solar-idaho
File name:agent.exe
Download: download sample
Signature AdaptixC2
Create hunting rule
File size:84'992 bytes
First seen:2026-02-22 18:14:33 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 6b133001594cf90aafbcc38997fd46e7 (3 x AdaptixC2)
ssdeep 1536:jv5DkpcQqa1hAGH2GAd/SUcNQI+fNbm1M4V5R1RHZljA6d0tp1OHFkkN:jv5DfSQ0RNTEJtpo2
Threatray 42 similar samples on MalwareBazaar
TLSH T14E834236E6B3C4ADC05BC634AB8394B7B9F07C5C463475194781A6223B5FE386BBE580
TrID 45.6% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5)
18.0% (.EXE) Win64 Executable (generic) (6522/11/2)
13.9% (.EXE) Win16 NE executable (generic) (5038/12/1)
5.6% (.ICL) Windows Icons Library (generic) (2059/9)
5.6% (.EXE) OS/2 Executable (generic) (2029/13)
Magika pebin
Reporter juroots
Tags:AdaptixC2 exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
95
Origin country :
IL IL
Vendor Threat Intelligence
No detections
Malware family:
n/a
ID:
1
File name:
_0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7.exe
Verdict:
Malicious activity
Analysis date:
2026-02-22 18:43:45 UTC
Tags:
adaptixc2
Link:
https://app.any.run/tasks/e9963b9e-7320-4816-b68c-a8ead4ff9726

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/54092/
Detection(s):
Win.Malware.Zusy-10058289-0
Create hunting rule

Win.Malware.Adaptixc-10058672-0
Create hunting rule

Win.Trojan.AdaptixC2-10058663-0
Create hunting rule

Verdict:
Malicious
Score:
70%
Link:
https://cyber-fortress.com/docs/result/index.php?id=699b47de8fffa866e3b0b4b4
Tags:
malware
Gathering data
Verdict:
Unknown
Threat level:
  2.5/10
Confidence:
100%
Tags:
anti-debug base64 mingw packed
Link:
https://www.filescan.io/uploads/699b47cbcd25bfe1dfd766a4/reports/4471df17-0b8f-43cb-be06-e7a647b17e7d/overview
Verdict:
Malicious
Labled as:
Zusy.Generic
Link:
https://www.hybrid-analysis.com/sample/0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7
Result
Gathering data
Verdict:
Malicious
File Type:
exe x64
Link:
https://opentip.kaspersky.com/0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7/results?tab=lookup
Malware family:
AdaptixC2
Create hunting rule
Verdict:
Malicious
Link:
https://analyze.intezer.com/analyses/b7c83315-1364-44de-8c4a-b73b248fefc1
Score:
97%
Verdict:
Malware
File Type:
PE
Link:
https://malprob.io/report/0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7
Verdict:
inconclusive
YARA:
4 match(es)
Tags:
Executable PE (Portable Executable) PE File Layout Win 64 Exe x64
Link:
https://app.malva.re/file/db9d6f2434e960b380c4a6073cb85b24
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7/
Verdict:
Malicious
Threat:
Family.ADAPTIXC2
Link:
https://tip.neiki.dev/file/0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7
Threat name:
Win64.Trojan.Fragtor
Create hunting rule
Status:
Malicious
First seen:
2026-02-22 11:18:30 UTC
File Type:
PE+ (Exe)
AV detection:
17 of 36 (47.22%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=bz6uqy3nfgszgyobhvqnzqlk74kkbyfrn6fb3u2gqjniwe46b33q._file
Verdict:
malicious
Label(s):
adaptixc2
Create hunting rule
Similar samples:
09492c8a5138c3c1f00d19fa2e1b798f271e2730d74e9de69e926d5c0a92f64e
AdaptixC2
0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7
AdaptixC2
801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70
AdaptixC2
8174e9a6f26aa75242bc7e8f6f2fd29e6cf6fbac91f70174c0ffd329ea707bd8
AdaptixC2
cc59222114d66968d342258240c9cd56b4182ea432952073359fec07c7cc4853
AdaptixC2
ddfa43064097e71896ee6d75af3bc211bdeb847da40849c2789339c06b048771
AdaptixC2
error
AdaptixC2
+ 32 additional samples on MalwareBazaar
Result
Malware family:
adaptixc2
Create hunting rule
Score:
  10/10
Tags:
family:adaptixc2 RAT backdoor trojan
Link:
https://tria.ge/reports/260222-wv7beadt7d/
Behaviour
AdaptixC2
Adaptixc2 family
Unpacked files
SH256 hash:
0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7
MD5 hash:
db9d6f2434e960b380c4a6073cb85b24
SHA1 hash:
98e6cc80191a4cbb324a3bceecb7689274ed3ffa
Link:
https://www.unpac.me/results/d4e2e816-a938-413e-893f-13121fd2fb56/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.51
Link:
https://yomi.yoroi.company/submissions/0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:golang_bin_JCorn_CSC846
Create hunting rule
Author:Justin Cornwell
Description:CSC-846 Golang detection ruleset
Rule name:pe_detect_tls_callbacks
Create hunting rule
Rule name:Windows_Trojan_Adaptix_b2cda978
Create hunting rule
Author:Elastic Security

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

AdaptixC2

Executable exe 0e7d48636d29a59361c13d60dcc16aff14a0e0b16f8a1dd346825a8b139e0ef7

(this sample)

Cape
Cape
https://www.capesandbox.com/analysis/54092/
  
URLhaus
https://urlhaus.abuse.ch/url/3783996/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3784010/
  
URLhaus
https://urlhaus.abuse.ch/url/3784028/

Comments