MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 392e2f4bd48d76623c2d2baa43ac9e2b1e00f7d79678f664d85717b163048e2e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: 392e2f4bd48d76623c2d2baa43ac9e2b1e00f7d79678f664d85717b163048e2e
SHA3-384 hash: da0cc605e23eb88868423053ebae7fcaf2f33c0dd6c25c1daf034298d5253bb318718d4118bb7ecbf1a974e363b41ac6
SHA1 hash: 91b0bf4f8faee37a89aca8ee10970bd793c6bb41
MD5 hash: 4667e303b3ce7ba00155d3c205bc0b4e
humanhash: emma-skylark-fanta-video
File name: g2m.rar
File size: 610'726 bytes
First seen: 2026-01-29 19:07:10 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep 12288:cUtvyiHFfZpzmH8zSDKakqT+iixpEYjPFORuCetnfIwcb:PKgfZp3u2aklxpfjtfIBb
TLSH T180D423B229F1A8DDF389322D6241DA2A4F3250BBA021E11759DAF13EC5F5C19317DB39
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Magika rar
Reporter BlinkzSec
Tags: 45-150-34-23 rar

Intelligence


File Origin
# of uploads: 1
# of downloads: 39
Origin country: CZ

File Archive Information

This file archive contains 2 file(s), sorted by their relevance:

File name: G2M.exe
File size: 32'256 bytes
SHA256 hash: 4dc4c0bdce7d711bd4160beebbfe67d64a65a5c083429cb222926d7bd095b353
MD5 hash: aa6abf41a80d736c27c168e834baf3c7
MIME type: application/x-dosexec

File name: g2m.dll
File size: 3'205'120 bytes
SHA256 hash: 5000cb2827b5571e49a6448f7e30e6802040313edee5cdc040720cdc5086884e
MD5 hash: d5cce63acd8c39c16c99aeb294813c56
MIME type: application/x-dosexec

Vendor Threat Intelligence

Verdict: Malicious
Score: 96.5%
Tags: shellcode vmdetect dropper virus

Verdict: Unknown
Threat level: 2.5/10
Confidence: 100%
Tags: expired-cert microsoft_visual_cc packed signed

Result: Gathering data

Verdict: Malicious
File Type: rar
First seen: 2026-01-21T00:25:00Z UTC
Last seen: 2026-01-21T01:00:00Z UTC
Hits: ~10

Gathering data

Threat name: Win32.Trojan.Generic
Status: Suspicious
First seen: 2026-01-22 02:01:08 UTC
File Type: Binary (Archive)
Extracted files: 12
AV detection: 14 of 36 (38.89%)
Threat level: 5/5

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download
