MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 9

Intelligence 9 IOCs YARA File information Comments

SHA256 hash:	7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158
SHA3-384 hash:	3958d761bd2750651bc938fa0924b005b737105dfaf16b77b9916c8ff88a8ed35edf1bea7c822fa4d1a1cb630268bffb
SHA1 hash:	7257b276ae051d82a4a376d3a81c54bafe93e654
MD5 hash:	d6785ab53a439cb3c675cb887658ec53
humanhash:	louisiana-mango-comet-lima
File name:	EdgeGdi.dll
Download:	download sample
File size:	13'312 bytes
First seen:	2026-02-13 09:55:37 UTC
Last seen:	Never
File type:	exe
MIME type:	application/x-dosexec
imphash	d7ced86d4b3ee8f8be3740467ef2fad7
ssdeep	192:hIjcRLv1My+l67Syr2WthukTKTS8CfbI+zchhAGRQfSda0:h0cRLdMyftbTKTZCfLz8C4Qqd
TLSH	T1EC522A49234812E9DA3A83BE90718E49E46EF0149275AF7F43B4C57AAF42E53252DFC1
TrID	38.3% (.EXE) Win16 NE executable (generic) (5038/12/1) 15.6% (.ICL) Windows Icons Library (generic) (2059/9) 15.4% (.EXE) OS/2 Executable (generic) (2029/13) 15.2% (.EXE) Generic Win/DOS Executable (2002/3) 15.2% (.EXE) DOS Executable Generic (2000/1)
Magika	pebin
Reporter	juroots
Tags:	dll exe

Intelligence

File Origin

# of uploads :

# of downloads :

111

Origin country :

Vendor Threat Intelligence

No detections

Malware family:

n/a

ID:

File name:

_7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158.dll

Verdict:

No threats detected

Analysis date:

2026-02-13 09:57:18 UTC

Tags:

n/a

Link:

https://app.any.run/tasks/a2f00a6c-1178-49c2-970c-236fd155b371

Note:

ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/53232/

Verdict:

Malicious

Score:

70%

Link:

https://cyber-fortress.com/docs/result/index.php?id=698ef54276589225f6664a53

Tags:

malware

Verdict:

Suspicious

Threat level:

5/10

Confidence:

100%

Tags:

masquerade microsoft_visual_cc packed

Link:

https://www.filescan.io/uploads/698ef53f981ff1d38a549f19/reports/f40b1238-8135-4e8b-821e-9e604de2183d/overview

Verdict:

Malicious

Labled as:

Win/malicious_confidence_90%

Link:

https://www.hybrid-analysis.com/sample/7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158

Verdict:

Clean

File Type:

dll x64

First seen:

2026-02-13T07:03:00Z UTC

Last seen:

2026-02-13T07:07:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158/results?tab=lookup

Verdict:

Unknown

Link:

https://analyze.intezer.com/analyses/e5bca494-6cc2-4682-a294-e152a43c8e7f

Score:

91%

Verdict:

Malware

File Type:

Link:

https://malprob.io/report/7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158

Verdict:

inconclusive

YARA:

5 match(es)

Tags:

Executable PDB Path PE (Portable Executable) PE File Layout Win 64 Exe x64

Link:

https://app.malva.re/file/d6785ab53a439cb3c675cb887658ec53

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158/

Verdict:

Malicious

Link:

https://tip.neiki.dev/file/7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158

Threat name:

Win64.Trojan.Sirefef

Status:

Suspicious

First seen:

2026-02-13 09:56:33 UTC

File Type:

PE+ (Dll)

AV detection:

6 of 24 (25.00%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=pv6cnncz6anf3oh7vqom6cb3rh4kfeq6shbw3qxfplsa6b3tefma._file

Result

Malware family:

n/a

Score:

8/10

Tags:

n/a

Link:

https://tria.ge/reports/260213-lyf9aabs2e/

Behaviour

Suspicious use of WriteProcessMemory

Badlisted process makes network request

Unpacked files

SH256 hash:

7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158

MD5 hash:

d6785ab53a439cb3c675cb887658ec53

SHA1 hash:

7257b276ae051d82a4a376d3a81c54bafe93e654

Link:

https://www.unpac.me/results/31a45e96-ce2b-4448-a32b-127c8452f799/

Malware family:

DonutLoader

Verdict:

Malicious

Link:

https://www.vmray.com/analyses/_mb/7d7c26b459f0/report/overview.html

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

exe 7d7c26b459f01a5db8ffac1ccf083b89f8a2921e91c36dc2e57ae40f07732158

(this sample)

Cape

https://www.capesandbox.com/analysis/53232/

URLhaus

https://urlhaus.abuse.ch/url/3777072/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample