MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 76fdc0fc53758a6e00019df7c9d034de03fc6a22252ba2ed94cb9758de851041. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 11


Intelligence 11 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 76fdc0fc53758a6e00019df7c9d034de03fc6a22252ba2ed94cb9758de851041
SHA3-384 hash: 19896598526b2a80560731cf37bde81e0df1eddce414ea753133fbd9cf923a5f645f21c4ba634551f5128aff73ff3f1f
SHA1 hash: d09928473eb539f687e0f2d71d29303b64f9f9fc
MD5 hash: addc4985887b80b58ff3113c062b1fff
humanhash: lake-neptune-winner-nevada
File name:addc4985887b80b58ff3113c062b1fff
Download: download sample
File size:34'931'200 bytes
First seen:2026-04-01 07:29:42 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash d42595b695fc008ef2c56aabd8efd68e (235 x Vidar, 92 x Rhadamanthys, 89 x Stealc)
ssdeep 393216:rADmkaROFhihSDPBzaMuKaGpsWKctOCrn24Lux2JtEfmNSxXwY22oXvmIrbtCoXf:rAqkawFYhSDAg
TLSH T1DA773B83F8E21EE4D4EAC571D129815BF6723C291B3823DB16A0F7241F3ABD06A76751
TrID 33.1% (.EXE) Win64 Executable (generic) (6522/11/2)
25.6% (.EXE) Win16 NE executable (generic) (5038/12/1)
10.4% (.ICL) Windows Icons Library (generic) (2059/9)
10.3% (.EXE) OS/2 Executable (generic) (2029/13)
10.1% (.EXE) Generic Win/DOS Executable (2002/3)
Magika pebin
Reporter adrian__luca
Tags:exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
116
Origin country :
HU HU
Vendor Threat Intelligence
Gathering data
Malware family:
n/a
ID:
1
File name:
addc4985887b80b58ff3113c062b1fff
Verdict:
No threats detected
Analysis date:
2026-04-01 07:38:41 UTC
Tags:
golang
Link:
https://app.any.run/tasks/1a2240d9-3340-44b7-89c9-e76a30f57708

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Verdict:
Malicious
Score:
70%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69ccc9b43a18a6e1ddf038e4
Tags:
virus
Result
Verdict:
Malware
Maliciousness:

Behaviour
Sending a custom TCP request
Connection attempt to an infection source
Verdict:
Malicious
Labled as:
Dump:Generic.Trojan.Sliver.Marte.F
Link:
https://www.hybrid-analysis.com/sample/76fdc0fc53758a6e00019df7c9d034de03fc6a22252ba2ed94cb9758de851041
Verdict:
Malicious
File Type:
exe x64
First seen:
2026-03-03T07:18:00Z UTC
Last seen:
2026-03-03T07:42:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/76fdc0fc53758a6e00019df7c9d034de03fc6a22252ba2ed94cb9758de851041/results?tab=lookup
Score:
99%
Verdict:
Malware
File Type:
PE
Link:
https://malprob.io/report/76fdc0fc53758a6e00019df7c9d034de03fc6a22252ba2ed94cb9758de851041
Gathering data
Verdict:
Malicious
Threat:
Family.SLIVER
Link:
https://tip.neiki.dev/file/76fdc0fc53758a6e00019df7c9d034de03fc6a22252ba2ed94cb9758de851041
Threat name:
Win64.Trojan.SliverMarte
Create hunting rule
Status:
Malicious
First seen:
2026-03-04 19:59:44 UTC
File Type:
PE+ (Exe)
AV detection:
8 of 36 (22.22%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=o364b7ctowfg4aabtx34tubu3yb7y2rceuv2f3muzolvrxufcbaq._file
Verdict:
malicious
Label(s):
sliver
Create hunting rule
Similar samples:
error
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260401-jb7fvacw6v/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
0.86
Link:
https://yomi.yoroi.company/submissions/76fdc0fc53758a6e00019df7c9d034de03fc6a22252ba2ed94cb9758de851041

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Executable exe 76fdc0fc53758a6e00019df7c9d034de03fc6a22252ba2ed94cb9758de851041

(this sample)

  
Delivery method
Distributed via e-mail attachment
  
URLhaus
https://urlhaus.abuse.ch/url/3610038/

Comments