MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4771a69c40d984dadae8a485e53e0fa7ba2b032b7ea1e9d05f927748bcaafcc8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: 4771a69c40d984dadae8a485e53e0fa7ba2b032b7ea1e9d05f927748bcaafcc8
SHA3-384 hash: bcd457f9dce2ce0d4da8226d81d8fc9d52c2f0f75aaa80ccfab7032dd5bb7fc60aa64968270ff9143271b8e28418b3e6
SHA1 hash: f4d9700e4c2054976291a03b7c352832668c87ca
MD5 hash: 37d2bb4b894d3a8e06575f54adcecb26
humanhash: snake-hydrogen-hotel-spaghetti
File name: DivineX.zip
File size: 73'976'640 bytes
First seen: 2026-04-17 11:56:55 UTC
Last seen: Never
File type: zip
MIME type: application/zip
Note: This file is a password protected archive. The password is: dx2026
ssdeep: 1572864:j8jgsgGJ3KqMKoVA047AfvBrzMEOXKcka7TGq/UUIc0juW3B:j0lVMOMfvBrzMNx8UnQR
TLSH: T159F733EA3D255AADF361AAF0B6E54332DE7001F2EDE290DF2A5025C04F42664CD3D96D
Magika: zip
Reporter: burger
Tags: pw-dx2026, zip

Intelligence


File Origin
# of uploads: 1
# of downloads: 49
Origin country: DE

File Archive Information

This file archive contains 51 file(s), sorted by their relevance:

File name:vcruntime140_1.dll
File size:47'264 bytes
SHA256 hash: e6bfb3662ab4b1969a73441dbe35c96d51441b6bff8cf1fe7430bd5b246ca605
MD5 hash: 03b43160d21c08de07a79d0a1c5ee81d
MIME type:application/x-dosexec
File name:funnel_bg_999032.bmp
File size:15'095'550 bytes
SHA256 hash: 7e799e2782d9a0cd315acf959899e704b9ce7c1779c0bc0224bc8341fdd180b9
MD5 hash: 9db097147daad297f6b1f19d8b06218c
MIME type:application/octet-stream
File name:diagram_bg_preview.bmp
File size:7'788'354 bytes
SHA256 hash: 0dffb8cc74800ddbc664f0dff8b7557e7a4ef3eee22e167f600285b58984404d
MD5 hash: dd01d7acd5deaf871c4de82e30d5a248
MIME type:application/octet-stream
File name:Qt5Widgets.dll
File size:6'167'552 bytes
SHA256 hash: f07780c6d003d0bea76f133a9e5ba4b612de0cb177358109f4ba87c8c66f305a
MD5 hash: 2946036619108a08079d2721df257269
MIME type:application/x-dosexec
File name:compaction_state_override.dat
File size:112'032 bytes
SHA256 hash: 579eb673056ed94df0a5f9c6ea2658c62e461562a47f5819ae40e08b962de767
MD5 hash: a18c5c381044ba4d6ae44ef9d69261c8
MIME type:application/octet-stream
File name:Qt5Gui.dll
File size:6'470'656 bytes
SHA256 hash: 7d734b80bc11f7ee84efc7fa02bcb458f8e1686282ae1aa0445da40fc8dff793
MD5 hash: 007f810bdd33dc64d1dc9f3e143997a0
MIME type:application/x-dosexec
File name:membership_ring_fallback.dat
File size:106'982 bytes
SHA256 hash: 9ffbe7e72c5ae759c223c1f6bb17edfc934f33ceddd52aabffe32010c0b75bc7
MD5 hash: 87473ec6ede304c570d2311a4513598a
MIME type:application/octet-stream
File name:vcruntime140.dll
File size:123'472 bytes
SHA256 hash: 184146852727a9db4eea06178716bec3cdbb1015c911f6b0f915b184ad7775b2
MD5 hash: 0d35c5e99871b4f02c490b9fd9dace34
MIME type:application/x-dosexec
File name:latency_base_c309b7.bmp
File size:15'227'334 bytes
SHA256 hash: 3fadfa4b820ba76fb9596f3cbc3509cbb69ac2cd08843cc06e41a898584538a4
MD5 hash: dd25e3796a1593fe24d0e35ce83e982c
MIME type:application/octet-stream
File name:concrt140.dll
File size:309'632 bytes
SHA256 hash: 449e6073300d973d3d07f08896140ecdcc1c7fe8f58cff5aa7096cc124cf6393
MD5 hash: 046f9be1a19af1ed07d89f36c105ce30
MIME type:application/x-dosexec
File name:zlib1.dll
File size:136'648 bytes
SHA256 hash: 49f151535a5c3afa5ebfe4d3bb853948a942401c2c09ad1af52ae579b844eb6a
MD5 hash: 80755659eb4e1d7381c45dfe7d13969f
MIME type:application/x-dosexec
File name:msvcp140.dll
File size:553'552 bytes
SHA256 hash: def46aa6a8f72f27bafac0c43334419486a4d1dcdb6c479a8ef7034b3e1fa4cb
MD5 hash: 4e3fa9bd90ef020c14359639dc19312b
MIME type:application/x-dosexec
File name:Qt5Core.dll
File size:6'130'176 bytes
SHA256 hash: aea8383f65307e0fb5f450c9b705363ad55c417eb240dc8633dab09c3dc348a4
MD5 hash: 463037c6f585124f08dc343b18c23bc2
MIME type:application/x-dosexec
File name:heatmap_base_7e146c.bmp
File size:6'993'654 bytes
SHA256 hash: bcfe068a3e717eb987e62e613bfc358e388a503f7d54cbbc845e0152b970fbbb
MD5 hash: a154be21aeb791422f4f33e7bb212043
MIME type:application/octet-stream
File name:DivineX.exe
File size:378'008 bytes
SHA256 hash: a7479c3a4c702f2225a2ed343a8222bb36031f34474bf38d9a61f1a759fe3bf1
MD5 hash: 11fb8b77762947e113f6db67347b8633
MIME type:application/x-dosexec
File name:sparkline_bg.bmp
File size:7'481'754 bytes
SHA256 hash: 987dbbeeb5e5155e3fb303e6bb9bcdde10dd08100df35c84112933c44ba6606e
MD5 hash: 70a925d1f930ab69e6c637ea9a07e73e
MIME type:application/octet-stream
File name:status_phrases.json
File size:1'676 bytes
SHA256 hash: 663ebc9561cc0225ea286b7c2a39a6370ea337a6f9de9bb0de5e45f174f37cc3
MD5 hash: 9c39af1e8564c36734bde4922b3694e4
MIME type:application/json
File name:PRIORITY_MATRIX.txt
File size:5'284 bytes
SHA256 hash: f3165e13fb1fa6976210fd38d6cec65cceeb601c5eb0df913a870b9cf67a2f16
MD5 hash: 7ad6b51268c09759e09fff422d542c7b
MIME type:text/plain
File name:descriptions.json
File size:2'266 bytes
SHA256 hash: 7db75c7dee3ada190c99a59e5db0678085c64607c8a878d9d7ca57ba0cbc43b8
MD5 hash: 5102cb331ce31d5da53f177344170ed4
MIME type:application/json
File name:mod_registry_beta.json
File size:3'607 bytes
SHA256 hash: 8abafaba1bb6092b8c30e35c31b1eaefdd15185655a551c20655adf510eb464a
MD5 hash: 091bf27fe29b55af4a0583ac3685309e
MIME type:application/json
File name:architecture_brief.md
File size:1'637 bytes
SHA256 hash: 813e392e46dfbb46d87cbf971745f911f9f542a64364ff7f4043e76cd06311df
MD5 hash: 7c5a05335438c7861446b58149d66af3
MIME type:text/plain
File name:endpoint_map_preview.xml
File size:1'151 bytes
SHA256 hash: af5e9ed387cd7a2972316053c8440cc211f2c2919aaaa1cc57a3990488f31c9c
MD5 hash: 6e2fc2644b3fdd68a2ded260aa790f27
MIME type:text/xml
File name:error_patterns.md
File size:2'712 bytes
SHA256 hash: 5c39d0ffb26e0ca80ac4ea01e355a9292540ed3642de970da59caafcce10b8ac
MD5 hash: ed4eb145bf351cc108527a149b1da29e
MIME type:text/plain
File name:action_prompts.json
File size:1'746 bytes
SHA256 hash: 013a4ea52a72a8e5a05f5244c5eb556289bd7dd23ae0067bf33c05b31dff057b
MD5 hash: e5048055088c6817fc39b9fe4e1337e5
MIME type:application/json
File name:renderer_stable.log
File size:121'126 bytes
SHA256 hash: 8739a42fb75ff5ed3da6d331bbc4d42f4601696ffb952e15a0a95b0d1dd337f4
MD5 hash: 5a0424a597eee1fcf17c8b4e992f598f
MIME type:text/plain
File name:memory_usage_log.csv
File size:48'104 bytes
SHA256 hash: 368dccbdcf6ba26dbf8ac94c7bd3859aae6caa42fb82748c4596cf9e1bb37aba
MD5 hash: 4b5c4a127cb541ce4069a17e15368193
MIME type:application/csv
File name:quota_limits.ini
File size:521 bytes
SHA256 hash: 094aa71a13e0afde2c4b6b90843abaaf8d396c5c03c563884b4609002bd9bee2
MD5 hash: fd0986c75e46e1046a3c1a9d34420346
MIME type:text/plain
File name:ui_captions.json
File size:1'752 bytes
SHA256 hash: 5f96cf17b2a52cd5b43354a0736991a8cdf14557868d25b2483ff02951650eba
MD5 hash: 7dd807a4ae5b4938b293930274f20018
MIME type:application/json
File name:TROUBLESHOOTING_override.txt
File size:9'473 bytes
SHA256 hash: 854aa8398ee95414db166d4447558fbfede4b5ae6d85db269a2e26fceb514091
MD5 hash: bb059c1e8a08744ff86f68c96576809c
MIME type:text/plain
File name:endpoint_map.xml
File size:1'495 bytes
SHA256 hash: 1213d1d9949e3bdaeb733b1039ed262e9062e89dc6537c08da18a6769b4b6001
MD5 hash: c2743382698af09b90fed92942451975
MIME type:text/xml
File name:alert_text.json
File size:2'418 bytes
SHA256 hash: 1f1c2d66efe0c90e9ca3f56a9a50d9560e28897f8dfa106f4065a092189c1c65
MD5 hash: 51d4081d973341461ab01f3edcc6d3f3
MIME type:application/json
File name:resource_budgets_legacy.json
File size:735 bytes
SHA256 hash: b939abb08a5937333d3b1ec0820becc343b8135bdbbe2418af159e8e46ff68d8
MD5 hash: d450d6ffdc4ed583f6dc91da3a189e78
MIME type:application/json
File name:warnings.json
File size:3'009 bytes
SHA256 hash: 1e4de30db7ee983a0620ac56ba723658b15a34ce7f5f448b5c5f1080fa0820bd
MD5 hash: c283f23f2d455c036ba35b588ccf7642
MIME type:application/json
File name:USER_GUIDE.txt
File size:4'578 bytes
SHA256 hash: be2e625ff1f4c9ae37889045fec50549962a7fb9dba01c6eb19b80cd8c93203f
MD5 hash: 28eba2f549e9c9d1439abac573a4f1b8
MIME type:text/plain
File name:field_names.json
File size:2'216 bytes
SHA256 hash: c1329052882e54d313496132551be1f862fb6a5cab60753416efce25cdd00876
MD5 hash: 2de66421ae12c1dd2baff274ad9266f7
MIME type:application/json
File name:hints.json
File size:2'043 bytes
SHA256 hash: dba85262929ae23536d911fba7c887ebc79b33a8cf675cb74e40814d9fbb05e9
MD5 hash: 32026f09a4f8c2f1ebcfbdd4b8c9231a
MIME type:application/json
File name:layout_constraints.json
File size:3'335 bytes
SHA256 hash: e6ed0da3fd0a8d4ce1f8220d0cc3a2b6afa5d0f57672754176861d6c5dec1d46
MD5 hash: f07367cbd09e34681182eafeea4963a4
MIME type:application/json
File name:display_opts_override.ini
File size:622 bytes
SHA256 hash: 35bfcf6bbcbafc8c8434f28950db87b495d4163c7786393551b4584791320435
MD5 hash: 92ea0132ba03aa9c812ecb4d8cd0bb5d
MIME type:text/plain
File name:integration_patterns.md
File size:2'446 bytes
SHA256 hash: 4c4371aeba489eb96b342b29fefac7695ae2398e6b8feb3b04916374c3f6d344
MD5 hash: 05343aeccea6cf7f0085385b42eb21eb
MIME type:text/plain
File name:TROUBLESHOOTING.txt
File size:7'404 bytes
SHA256 hash: eb4ea7861a2a52e830cf85ef1e5e8c53d22e799fc59a24f8510ef8be63798c11
MD5 hash: 624707e654f2705ad85503e00cc837be
MIME type:text/plain
File name:download_log.csv
File size:28'764 bytes
SHA256 hash: 2d60c09a6dde0015b0614d0bbc1955344a7f11b04def10183d8e7bc09a86e218
MD5 hash: 9dbc8a7a5defec48251cef8760ced2b6
MIME type:application/csv
File name:migrator_fallback.log
File size:169'232 bytes
SHA256 hash: 0e29ad9db202aab5ffe38d8c7292d632af988bd38b0e5154ebe595569729f75a
MD5 hash: fe02965e0f8331c0a8e99354ba41deb1
MIME type:text/plain
File name:data_flow_overview.md
File size:2'278 bytes
SHA256 hash: cb3c102ce1e40fb2a0ee5d25f5b12e401ceb5e23d33770395616c8b843873d52
MD5 hash: a3c97e76bf37f5bba804d92c930fb8d8
MIME type:text/plain
File name:duration_histogram_base.csv
File size:48'734 bytes
SHA256 hash: 1483d1b366322e3300e9376666b7c739b01ff5364f9f4ed49d1bcc62c9e449ae
MD5 hash: 643f339b4510fe795941837fe1746a0e
MIME type:application/csv
File name:capability_map.xml
File size:3'755 bytes
SHA256 hash: 59c059fd1a92ae7316cf5fdda92be924053df07b7e07b6e14252df08d4a931ca
MD5 hash: 9511b4b67e5d561db1125042768099f9
MIME type:text/xml
File name:evaluator.log
File size:172'929 bytes
SHA256 hash: b3327cb4db160463ca37871f58f21448ab87b47b11c6845f42c7b839c6ec253f
MD5 hash: ab68edcd13bf0e670d8a70026441684e
MIME type:text/plain
File name:policy_bundle.xml
File size:1'159 bytes
SHA256 hash: 628251d4421739daa0aa4279474d17278d92b08fe3b096210338f1421c5d5b9a
MD5 hash: 04467e730e4aca6328478091057e43ea
MIME type:text/xml
File name:display_prefs_beta.json
File size:3'536 bytes
SHA256 hash: f2ddfd2f7e2ce871e971bf44b60b89291f9a95d39bb8837acc7c0e87ff99104d
MD5 hash: 5b93277490e47c9ae4a832ac09f35837
MIME type:application/json
File name:profile_defaults_base.json
File size:4'027 bytes
SHA256 hash: 621548bb90261cdcb68ffaac8592a1dd14a26ce7ede13fa8e8d574dd256ee7cf
MD5 hash: d6442324a2931efce5db0311699e7395
MIME type:application/json
File name:throughput_summary.csv
File size:43'485 bytes
SHA256 hash: 0e2ca07c5476b5bc49065f3374f224f5d7c7cf6300b2902523376e47600dd336
MD5 hash: 0110553bb2b4e3c05cebced1dc7a2d19
MIME type:application/csv
File name:rebalance_log_fallback.csv
File size:37'476 bytes
SHA256 hash: 048d481ae20abd07ed5d41a7d825ab518a7771466da8dc32334074d50d3a6905
MD5 hash: a534f21d715d8fba555085d171785834
MIME type:application/csv
Vendor Threat Intelligence
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Please note that we are no longer able to provide a coverage score for Virus Total.

YARA Signatures


MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name: DebuggerCheck__API
Reference: https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara

Rule name: Detect_all_IPv6_variants
Author: Bierchermuesli
Description: Generic IPv6 catcher

Rule name: Glasses
Author: Seth Hardy
Description: Glasses family

Rule name: GlassesCode
Author: Seth Hardy
Description: Glasses code features

Rule name: golang_bin_JCorn_CSC846
Author: Justin Cornwell
Description: CSC-846 Golang detection ruleset

Rule name: pe_detect_tls_callbacks

Rule name: telebot_framework
Author: vietdx.mb

Rule name: TH_AntiVM_MassHunt_Win_Malware_2026_CYFARE
Author: CYFARE
Description: Detects Windows malware employing anti-VM / anti-sandbox evasion techniques across VMware, VirtualBox, Hyper-V, QEMU, Xen, and generic sandbox environments
Reference: https://cyfare.net/

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments