MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2df4f4c0b77671fcbadccb2189e3de9fb4fbca0052bc41ef82d58af056bd6dca. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



ACRStealer


Vendor detections: 7



SHA256 hash: 2df4f4c0b77671fcbadccb2189e3de9fb4fbca0052bc41ef82d58af056bd6dca
SHA3-384 hash: fd3a29c5bdb4347b7a39c47144a775942adda5023e251a41ac8c679f206f43048170b5c66435464baab403ea1e8beca2
SHA1 hash: cfa53a09b711e5e17652cf723e0bcab5a0a456e2
MD5 hash: 291fbeb8973b1f00b8217739ab8a5ad7
humanhash: october-oregon-sierra-idaho
File name: SETUP.zip
Signature: ACRStealer
File size: 29'153'573 bytes
First seen: 2026-06-18 14:13:16 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 786432:Y3ZEik7xM4P8AJpAJAQDLNXBR4dcVVBIQOK/VE:EtBgNAJAQD5XBR4dciOE
TLSH: T1D6573369D601CF41C56FED3E84D6525AB6BB9A29097BC02B03EC96CF3CE2E8D975100D
Magika: zip
Reporter: aachum
Tags: ACRStealer stream-pawpalace-cc zip


iamaachum
https://bestproviders.org/ => https://www.mediafire.com/file/o57u2y5iu7z4oxk/SETUP_FILE_(PASS$_KEY=2114)).zip/file

ACRStealer C2: stream.pawpalace.cc

Intelligence


File Origin
# of uploads: 1
# of downloads: 82
Origin country: ES

Vendor Threat Intelligence

Verdict: Malicious
Score: 70%
Tags: ransomware injection dropper

Verdict: Malicious
File Type: zip
First seen: 2026-06-18T10:28:00Z UTC
Last seen: 2026-06-18T12:52:00Z UTC
Hits: ~10

Threat name: Win32.Trojan.Generic
Status: Suspicious
First seen: 2026-06-18 14:14:58 UTC
File Type: Binary (Archive)
Extracted files: 603
AV detection: 5 of 24 (20.83%)
Threat level: 5/5

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download | ACRStealer | zip 2df4f4c0b77671fcbadccb2189e3de9fb4fbca0052bc41ef82d58af056bd6dca (this sample)

Delivery method: Distributed via web download
