MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 9

Intelligence 9 IOCs YARA File information Comments

SHA256 hash:	458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1
SHA3-384 hash:	a27dd2c97b41e4af8ccbda38132def0d8c183c56d772b2f3a022d0404aeef6032d2e89781de22c6261e150c3dd3083ba
SHA1 hash:	ef3196ce393cf8c99722a6d97fac217c9e8869c8
MD5 hash:	fae2a607d81c3d9c6a7e09ad7df63429
humanhash:	zulu-iowa-fish-pasta
File name:	clippy.exe
Download:	download sample
File size:	15'872 bytes
First seen:	2026-02-13 09:55:56 UTC
Last seen:	Never
File type:	exe
MIME type:	application/x-dosexec
imphash	4588ba1b149b5cfd708ddf81aaf554ce
ssdeep	384:RbE1A6oPC0xjf2NpNfjNxdiZM60Acz88ipCJLt3:z6YGLdY
TLSH	T1A2623C44139251EDEA298DFCC0458E26E49FB0988350FEFB56F4CA321BC5EC2553B796
TrID	38.3% (.EXE) Win16 NE executable (generic) (5038/12/1) 15.6% (.ICL) Windows Icons Library (generic) (2059/9) 15.4% (.EXE) OS/2 Executable (generic) (2029/13) 15.2% (.EXE) Generic Win/DOS Executable (2002/3) 15.2% (.EXE) DOS Executable Generic (2000/1)
Magika	pebin
Reporter	juroots
Tags:	exe

Intelligence

File Origin

# of uploads :

# of downloads :

109

Origin country :

Vendor Threat Intelligence

No detections

Malware family:

n/a

ID:

File name:

_458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1.exe

Verdict:

No threats detected

Analysis date:

2026-02-13 09:57:09 UTC

Tags:

n/a

Link:

https://app.any.run/tasks/10c2d04e-1d4b-4d84-b225-51ff816f7626

Note:

ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/53233/

Verdict:

Malicious

Score:

90.2%

Link:

https://cyber-fortress.com/docs/result/index.php?id=698ef54476589225f6664a5c

Tags:

virus

Verdict:

Likely Malicious

Threat level:

7.5/10

Confidence:

100%

Tags:

microsoft_visual_cc packed

Link:

https://www.filescan.io/uploads/698ef53e930564ff3c9f05f3/reports/d4608f5e-bbe8-4086-88fe-fedd5d792a53/overview

Verdict:

Malicious

Labled as:

Win/malicious_confidence_90%

Link:

https://www.hybrid-analysis.com/sample/458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1

Verdict:

Clean

File Type:

exe x64

First seen:

2026-02-13T09:04:00Z UTC

Last seen:

2026-02-13T09:12:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1/results?tab=lookup

Verdict:

Unknown

Link:

https://analyze.intezer.com/analyses/803f9c03-99fe-4918-9a6e-67fbf373688f

Score:

97%

Verdict:

Malware

File Type:

Link:

https://malprob.io/report/458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1

Verdict:

inconclusive

YARA:

4 match(es)

Tags:

Executable PDB Path PE (Portable Executable) PE File Layout Win 64 Exe x64

Link:

https://app.malva.re/file/fae2a607d81c3d9c6a7e09ad7df63429

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1/

Verdict:

Clean

Link:

https://tip.neiki.dev/file/458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1

Threat name:

Win64.Backdoor.Sliver

Status:

Suspicious

First seen:

2026-02-13 09:56:20 UTC

File Type:

PE+ (Exe)

AV detection:

11 of 24 (45.83%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=iwgax7roytmpcuagqt426d2lu2lraecenfsbzbbf6xjiaoxqksyq._file

Result

Malware family:

n/a

Score:

3/10

Tags:

n/a

Link:

https://tria.ge/reports/260213-lyf9aabs2f/

Behaviour

Suspicious use of WriteProcessMemory

Unpacked files

SH256 hash:

458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1

MD5 hash:

fae2a607d81c3d9c6a7e09ad7df63429

SHA1 hash:

ef3196ce393cf8c99722a6d97fac217c9e8869c8

Link:

https://www.unpac.me/results/ba82b7cd-2040-43e8-b419-781e1d8e4e0f/

Malware family:

DonutLoader

Verdict:

Malicious

Link:

https://www.vmray.com/analyses/_mb/458c0bfe2ec4/report/overview.html

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

exe 458c0bfe2ec4d8f1500684f9af0f4ba69710104469641c8425f5d2803af054b1

(this sample)

Cape

https://www.capesandbox.com/analysis/53233/

URLhaus

https://urlhaus.abuse.ch/url/3777075/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample