MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3c3dc4631bfc5d4da207718a064851c01bf8946b630c3548342dd5db35ec00d4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3c3dc4631bfc5d4da207718a064851c01bf8946b630c3548342dd5db35ec00d4
SHA3-384 hash: d524b127bc451b816439c35e8d79d1b5f1892daa0d054aebb72a102ff2cac2e7abddd579cea39e4b97bbed5fdce8f8dc
SHA1 hash: 886c5f28e449fccc2ebd7a2991837bfcf996b2ca
MD5 hash: 9f798787e9dcf3e084a19019ee3138a7
humanhash: fruit-maine-autumn-bravo
File name:REQXForXPaymentXInvoiceXXFER48012000266666230-7134009_pdf.txz
Download: download sample
File size:109'493 bytes
First seen:2026-06-12 21:52:56 UTC
Last seen:2026-06-12 21:54:27 UTC
File type: rar
MIME type:application/x-rar
ssdeep 3072:a8ZsisXRUqaBOK2811rZbxIsbiYofnxY/HNt3:9sfB3enrnlFb/tx
TLSH T15FB3124B7DB626709EC2956606DC3F44045FF27D09F266439337E612A9E2FB05B68E30
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Magika rar
Reporter TomU
Tags:rar

Intelligence

File Origin
# of uploads :
8
# of downloads :
56
Origin country :
CH CH
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:REQ For Payment Invoice FER48012000266666230-7134009_pdf.js
File size:798'044 bytes
SHA256 hash: f28b648214c7c333768c792ccd6ee741cf7bade528aa6367acd645e1ce195e11
MD5 hash: b579f26caa603c2270ad5c0823567dc0
MIME type:text/plain
Vendor Threat Intelligence
Details
Link:
https://research.acce.ciphertechsolutions.com/results/ff6b9bda-3751-423c-aafd-4fd84bd51a39/
Detection(s):
Sanesecurity.Foxhole.JS_Rar_1.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
96.5%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6a2c7fdc34eaf30d8ce55307
Tags:
agenttesla stration virus shell
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
conhost masquerade obfuscated powershell repaired
Link:
https://www.filescan.io/uploads/6a2c7fdb1f652d68657bf5f2/reports/ec5e34ce-310a-42b8-9b2a-c86dfef3274f/overview
Verdict:
Suspicious
Labled as:
Trojan.Generic
Link:
https://www.hybrid-analysis.com/sample/3c3dc4631bfc5d4da207718a064851c01bf8946b630c3548342dd5db35ec00d4
Verdict:
Malicious
File Type:
rar
First seen:
2026-06-10T02:31:00Z UTC
Last seen:
2026-06-10T13:44:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/3c3dc4631bfc5d4da207718a064851c01bf8946b630c3548342dd5db35ec00d4/results?tab=lookup
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3c3dc4631bfc5d4da207718a064851c01bf8946b630c3548342dd5db35ec00d4/
Threat name:
Win32.Trojan.Malgent
Create hunting rule
Status:
Malicious
First seen:
2026-06-10 01:44:57 UTC
File Type:
Binary (Archive)
Extracted files:
1
AV detection:
13 of 24 (54.17%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=hq64iyy37rou3iqhogfamscryan7rfdlmmgdksbufxk5wnpmadka._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/3c3dc4631bfc5d4da207718a064851c01bf8946b630c3548342dd5db35ec00d4

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

rar 3c3dc4631bfc5d4da207718a064851c01bf8946b630c3548342dd5db35ec00d4

(this sample)

  
Delivery method
Distributed via e-mail attachment

Comments