MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5cf005635dacdbac517a8fd3cd3fdc70a8daa18f63b0a153718872cdafb2c0e7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: 5cf005635dacdbac517a8fd3cd3fdc70a8daa18f63b0a153718872cdafb2c0e7
SHA3-384 hash: 2c6b5565c1805f69ef0196cac63ce8d0651afd4a0014d3174ed9a1aaaa22e47bf0c86467ac2be777c7f02759d5ed9fff
SHA1 hash: 8155b5f6861a8158b5e9f66638a2083304c7d373
MD5 hash: d848ebf62f3f402f5f68c284ebcfff8d
humanhash: four-cold-louisiana-london
File name: file
File size: 211'456 bytes
First seen: 2026-02-19 17:10:10 UTC
Last seen: 2026-02-19 17:13:33 UTC
File type: Executable exe
MIME type:application/x-dosexec
imphash: bbca158c80e830144adecd426662d70f
ssdeep: 6144:3ordziKl4YTA5f4kEKdSgeHcrKSmXy/cPsY4hmAHj6B:34GK6YTA5f4a1eHcrKSmXy/cPsY4MADm
TLSH: T1FF24F63375811FBFF81A13BBDEAB8CA545EF296026FC604AB1D4435496D6F10528E3AC
TrID:
33.1% (.EXE) Win64 Executable (generic) (6522/11/2)
25.6% (.EXE) Win16 NE executable (generic) (5038/12/1)
10.4% (.ICL) Windows Icons Library (generic) (2059/9)
10.3% (.EXE) OS/2 Executable (generic) (2029/13)
10.1% (.EXE) Generic Win/DOS Executable (2002/3)
Magika: pebin
Reporter: Bitsight
Tags: dropped-by-amadey exe fbf543


Bitsight
url: http://130.12.180.43/files/8168605051/tPAzuIX.exe

Intelligence


File Origin
# of uploads: 12
# of downloads: 152
Origin country: US
Vendor Threat Intelligence
No detections
Malware family: n/a
ID: 1
File name: file
Verdict: Suspicious activity
Analysis date: 2026-02-19 17:13:54 UTC
Tags: stealer

Note: ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Result
Verdict: Clean
Maliciousness:

Behaviour
Sending a custom TCP request
Verdict: Unknown
Threat level: 2.5/10
Confidence: 100%
Tags: packed
Gathering data
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Unpacked files
SHA256 hash: 5cf005635dacdbac517a8fd3cd3fdc70a8daa18f63b0a153718872cdafb2c0e7
MD5 hash: d848ebf62f3f402f5f68c284ebcfff8d
SHA1 hash: 8155b5f6861a8158b5e9f66638a2083304c7d373
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe 5cf005635dacdbac517a8fd3cd3fdc70a8daa18f63b0a153718872cdafb2c0e7 (this sample)

Dropped by: Amadey
Delivery method: Distributed via web download
