MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

ACRStealer

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4
SHA3-384 hash:	d4e2ae29282a0dec3320d7c0723bbe84b6e604b7f07a21a26fc56288ddc7ede8f18976875518268b7cb740ee15d461a7
SHA1 hash:	936e2937b7f8fe5e4afb483396f939b34e02e5e4
MD5 hash:	7067687423c9989bffd07c3cd16fd3a2
humanhash:	double-floor-yankee-illinois
File name:	SETUP.zip
Download:	download sample
Signature	ACRStealer Create hunting rule
File size:	17'017'459 bytes
First seen:	2026-03-17 20:03:06 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	393216:D/RL1EkPq0esOcQtdm9N8ANXxynBYsT8pGSGUq0kI:11EkFeLcx9N8A/UYqiH
TLSH	T1540733B48442DBA1C07A9172147640FB267EC95C0C1FAE01B2BED35F9D46AA78FFCA45
Magika	zip
Reporter	aachum
Tags:	109-107-166-221 ACRStealer dllHijack zip

iamaachum

https://findsbestmacs.org/ => https://mega.nz/file/6tAyXBLT#bqQDXhJ2EoVn1R44b2cfK660045wIPYF9C5xr4srqoY

ACRStealer C2: 109.107.166.221

Intelligence

File Origin

# of uploads :

1

# of downloads :

47

Origin country :

ES

Vendor Threat Intelligence

Details

Link:

https://research.acce.ciphertechsolutions.com/results/3910bb2e-4a80-4446-b812-2139d7223769/

Verdict:

Malicious

Score:

90.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69b9b39b93b644ca466b13a3

Tags:

shellcode smtp

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4

Result

Verdict:

MALICIOUS

Link:

https://labs.inquest.net/dfi/sha256/1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4

Details

Windows PE Executable

Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.

Verdict:

Malicious

File Type:

zip

Link:

https://opentip.kaspersky.com/1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4/results?tab=lookup

Score:

15%

Verdict:

Benign

File Type:

ARCHIVE

Link:

https://malprob.io/report/1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4

Gathering data

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4/

Threat name:

Win32.Packed.GiantMidie

Status:

Malicious

First seen:

2026-03-17 20:03:33 UTC

File Type:

Binary (Archive)

Extracted files:

223

AV detection:

9 of 36 (25.00%)

Threat level:

1/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=dygxmyj6vreoxp6dh2djx7hoas22dww67cxdhcinv5ze3mxwl7sa._file

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

zip 1e0d76613eac48ebbfc33e869bfcee04b5a1dadef8ae33890daf724db2f65fe4

(this sample)

DLL dll 63c66e2dbbd3d4b77035137d92fbebea562771d2ec15b0d4ba7b16d9b77e512a

Link

https://tria.ge/260317-yes5ysbz9t/behavioral3

Delivery method

Distributed via web download

Dropping

SHA256 63c66e2dbbd3d4b77035137d92fbebea562771d2ec15b0d4ba7b16d9b77e512a

Dropping

MD5 999ad703d741c9a04e35d287e763b372

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample