MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7c9d85c89949b43ef2fabcba580f8a308af3706db4d6b6ca1d8a626fc8a2149d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

NetSupport

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	7c9d85c89949b43ef2fabcba580f8a308af3706db4d6b6ca1d8a626fc8a2149d
SHA3-384 hash:	e7a1e965e1ff9e88152fa9cd18fb35766795c0bca611ec452d041428220b7cc16bb2f064505d15744076fee2b7b4e68d
SHA1 hash:	0bb7602a4a1ac9e7e4b72fac64ef51e78519ece0
MD5 hash:	631e5b6951e8b6b16e23220cbba0e1f1
humanhash:	winner-twenty-lion-lima
File name:	cloflart_lnk.7z
Download:	download sample
Signature	NetSupport Create hunting rule
File size:	1'375 bytes
First seen:	2026-03-14 15:55:32 UTC
Last seen:	2026-03-16 02:45:01 UTC
File type:	7z
MIME type:	application/x-7z-compressed
ssdeep	24:mv5NovhlCwAKWUbH7Aw2yIDh/pq+hnOXYAFcvzMt7x63KRAV+1E+nbNJD9HlZEw:8ChltAPWUWIDhRq+hnyY/vI7c+e+bbnT
TLSH	T18B212B8F034F7A39D24106E5045F0A6EF8D3DD1F4ED28D38D5FCAA402C101CBB101844
TrID	57.1% (.7Z) 7-Zip compressed archive (v0.4) (8000/1) 42.8% (.7Z) 7-Zip compressed archive (gen) (6000/1)
Magika	sevenzip
Reporter	Lenard
Tags:	7z ClickFix Falsepositive lnk NetSupport

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

No detections

Detection(s):

SecuriteInfo.com.Trojan.GenericKD.79705662.7494.19517.UNOFFICIAL

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69b5862893b644ca466a0138

Tags:

n/a

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/7c9d85c89949b43ef2fabcba580f8a308af3706db4d6b6ca1d8a626fc8a2149d

Verdict:

Unknown

File Type:

Link:

https://opentip.kaspersky.com/7c9d85c89949b43ef2fabcba580f8a308af3706db4d6b6ca1d8a626fc8a2149d/results?tab=lookup

Verdict:

inconclusive

YARA:

3 match(es)

Tags:

7z Archive SFX 7z

Link:

https://app.malva.re/file/631e5b6951e8b6b16e23220cbba0e1f1

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/7c9d85c89949b43ef2fabcba580f8a308af3706db4d6b6ca1d8a626fc8a2149d/

Threat name:

Binary.Trojan.Generic

Status:

Suspicious

First seen:

2026-02-23 12:40:26 UTC

File Type:

Binary (Archive)

AV detection:

3 of 24 (12.50%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=psoylsezjg2d54x2xs5fqd4kgcfpg4dnwtllnsq5rjrg7sfccsoq._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/260314-tthkjsdx2v/

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

NetSupport

7z 7c9d85c89949b43ef2fabcba580f8a308af3706db4d6b6ca1d8a626fc8a2149d

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3796600/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample