MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 77a4942c8954017763626dd2bc73861ba81c8296df92c3ac8e017d59aeceec5a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: 77a4942c8954017763626dd2bc73861ba81c8296df92c3ac8e017d59aeceec5a
SHA3-384 hash: 01f354ad371e8f344d276c96ac9469535d5edecbbe07ac691d25a85e53ebd1a98a94366690608d9b7dd3271bb53d8523
SHA1 hash: 0cbc514212b2a312648f9ba7ee4dc4ddb2d76038
MD5 hash: 4eda7721ac6cfefd291dce331e98fc65
humanhash: saturn-vermont-mango-louisiana
File name: jjrawlins_cdk_iam_policy_builder_helper-0.0.194-py3-none-any.whl
File size: 3'035'930 bytes
First seen: 2026-03-31 11:36:57 UTC
Last seen:Never
File type: zip
MIME type: application/zip
ssdeep 49152:ys6SiU9BIFa/Q3P9pSMNfO74A0WnxLgyyZHDPrC+Z3suEKZt2HlBOkKzSxE:TD9BzkPax74ATxLgyyZHDP+EBX2Hlwd3
TLSH T156E5333F1792152EE2147D92BFB50898EA04F180F53EDDA8237852514C58D8AFB68EF7
TrID 86.2% (.WHL) Python Wheel package (25000/1/5)
13.7% (.ZIP) ZIP compressed archive (4000/1)
Magika: zip
Reporter: JAMESWT_WT
Tags: jjrawlins-cdk-iam-policy-builder-helper zip

Intelligence


File Origin
# of uploads: 1
# of downloads: 43
Origin country: IT

File Archive Information

This file archive contains 7 file(s), sorted by their relevance:

File name: __init__.py
File size: 1'497 bytes
SHA256 hash: 394a2a668ea4c339ed6b7e84849305e6ae9f1b8c2bb3a8b1c016de9e5e92f044
MD5 hash: 2450ee2e3247285096767c2b870d267f
MIME type: text/x-python

File name: cdk-iam-policy-builder-helper@0.0.194.jsii.tgz
File size: 3'037'392 bytes
SHA256 hash: 11570b840633975939084c1ac5cf7a49e5ec52c80d91344c05cab10316a44d3a
MD5 hash: 3af743fcc063a92c1e74c06f2092f01a
MIME type: application/gzip

File name: METADATA
File size: 1'456 bytes
SHA256 hash: 3fbe2b07ac40f6a7499b26af6f9c2983d0583b335c5d3c663f6c879520f52ea5
MD5 hash: 2361e314c7daa5f9a31c7c7f392b9fe5
MIME type: text/plain

File name: WHEEL
File size: 91 bytes
SHA256 hash: 04d44c0f2ccb92472696fd09f29a434249365440f7dd27ac243ca7afd103d607
MD5 hash: 1311f7d8d347ebf587d6635154996e3d
MIME type: text/plain

File name: top_level.txt
File size: 40 bytes
SHA256 hash: f6193dd6e13ce2282724344760a0bc875dfac0ec302a725a539693023c8a7de2
MD5 hash: 51c893db330bcc792242f5af6c9e0bf7
MIME type: text/plain

File name: RECORD
File size: 823 bytes
SHA256 hash: 71c6b0904da45adaf41c23fdefa84967472f7be230b9c2c85d67616ce4101b46
MD5 hash: 5e27c3412d814fa1a560991652c2623e
MIME type: application/csv

File name: LICENSE
File size: 11'358 bytes
SHA256 hash: cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30
MD5 hash: 3b83ef96387f14655fc854ddc3c6bd57
MIME type: text/plain

Vendor Threat Intelligence

Verdict: Suspicious
Score: 50%
Tags: infosteal

Threat name: Archive-ZIP.Downloader.SupplyChain
Status: Malicious
First seen: 2026-03-31 00:54:48 UTC
File Type: Package (Python)
Extracted files: 4317
AV detection: 6 of 23 (26.09%)
Threat level: 3/5

Result
Malware family: n/a
Score: 3/10
Tags: execution
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
