MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 517fee961cdd99d528a070e2dd7c9a5b8f59750290264656b4c7e34e36b8ca0a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

NetSupport

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	517fee961cdd99d528a070e2dd7c9a5b8f59750290264656b4c7e34e36b8ca0a
SHA3-384 hash:	334ec8c55207a2581bdd4aa663a6ffe51203e74237aeddff4f3fe0e65c998c1d178abd8994213c6774f53d0836330e7f
SHA1 hash:	30a67fa70ee1f16b45655ab0c2d155c40079e818
MD5 hash:	a138c9af94803106b542a1c873261e4c
humanhash:	tennessee-lion-april-mockingbird
File name:	cloflart_at.7z
Download:	download sample
Signature	NetSupport Create hunting rule
File size:	1'512'128 bytes
First seen:	2026-03-14 15:55:30 UTC
Last seen:	2026-03-16 02:45:58 UTC
File type:	7z
MIME type:	application/x-7z-compressed
ssdeep	24576:IWq1/qh6bND59hBpAjAT9BORwJpYgWuH61fsIJYn02Mu7ZRfa:IF1Sh8PqRwJp8uH6/UMa6
TLSH	T1EC6533C91E350C82898CB4FDDB39E565105625F73424AE9FA0D46B0A8C94FDFEF80766
TrID	57.1% (.7Z) 7-Zip compressed archive (v0.4) (8000/1) 42.8% (.7Z) 7-Zip compressed archive (gen) (6000/1)
Magika	sevenzip
Reporter	Lenard
Tags:	7z ClickFix ineguade-info NetSupport pazotti-info

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

No detections

Detection(s):

SecuriteInfo.com.Trojan.GenericKD.79705666.20364.31556.UNOFFICIAL

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69b5853f88c80c01586a1370

Tags:

n/a

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/517fee961cdd99d528a070e2dd7c9a5b8f59750290264656b4c7e34e36b8ca0a

Verdict:

Unknown

File Type:

Link:

https://opentip.kaspersky.com/517fee961cdd99d528a070e2dd7c9a5b8f59750290264656b4c7e34e36b8ca0a/results?tab=lookup

Verdict:

inconclusive

YARA:

3 match(es)

Tags:

7z Archive SFX 7z

Link:

https://app.malva.re/file/a138c9af94803106b542a1c873261e4c

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/517fee961cdd99d528a070e2dd7c9a5b8f59750290264656b4c7e34e36b8ca0a/

Threat name:

Binary.Trojan.Generic

Status:

Suspicious

First seen:

2026-03-10 07:19:25 UTC

File Type:

Binary (Archive)

AV detection:

3 of 24 (12.50%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=kf765fq43wm5kkfaodrn27e2lohvs5icsatemvvuy7ru4nvyzifa._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/260314-tthkjsdx2t/

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

NetSupport

7z 517fee961cdd99d528a070e2dd7c9a5b8f59750290264656b4c7e34e36b8ca0a

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3796604/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample