MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AdaptixC2

Vendor detections: 14

Intelligence 14 IOCs YARA 2 File information Comments

SHA256 hash:	801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70
SHA3-384 hash:	f42ac13a92b84ca0b703b93c7ac944119ac9ad82082082a458660ee8b11a657d5fd78b497a20649a8477ca5f993884a1
SHA1 hash:	9e85420f51104dfc42096e114895fae223459f4a
MD5 hash:	11609064f34537f722ed00513d9d89ac
humanhash:	yellow-cup-carpet-angel
File name:	11609064f34537f722ed00513d9d89ac.exe
Download:	download sample
Signature	AdaptixC2 Create hunting rule
File size:	176'304 bytes
First seen:	2025-12-25 12:04:51 UTC
Last seen:	Never
File type:	exe
MIME type:	application/x-dosexec
imphash	c86a15ad8daa9fda8a1aa35746d80e0f (17 x AdaptixC2)
ssdeep	1536:UmjklNrqI1q3y2z79tGRh++TVSi6nYVa58po0e2/T20yZF+EFaD:1j2K/+b81KSdZYh
Threatray	33 similar samples on MalwareBazaar
TLSH	T161045236E6B3C46DC05ED634AF83A4B3B9F17C5C4634751947C1A6223B6BD386BAE180
TrID	41.1% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5) 26.1% (.EXE) Win64 Executable (generic) (10522/11/4) 12.5% (.EXE) Win16 NE executable (generic) (5038/12/1) 5.1% (.ICL) Windows Icons Library (generic) (2059/9) 5.0% (.EXE) OS/2 Executable (generic) (2029/13)
Magika	pebin
Reporter	abuse_ch
Tags:	AdaptixC2 exe

Intelligence

File Origin

# of uploads :

# of downloads :

105

Origin country :

Vendor Threat Intelligence

No detections

Malware family:

n/a

ID:

File name:

_801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70.exe

Verdict:

No threats detected

Analysis date:

2025-12-25 12:10:33 UTC

Tags:

n/a

Link:

https://app.any.run/tasks/8fd6a35a-2628-4be6-9510-6c35316a122c

Note:

ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/46027/

Detection(s):

Win.Malware.Adaptixc-10058672-0

Win.Trojan.AdaptixC2-10058663-0

Verdict:

Malicious

Score:

99.1%

Link:

https://cyber-fortress.com/docs/result/index.php?id=694d2884038f10550b558889

Tags:

virus

Verdict:

Malicious

Labled as:

Trojan.Generic

Link:

https://www.hybrid-analysis.com/sample/801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70

Verdict:

Malicious

File Type:

exe x64

First seen:

2025-12-19T18:25:00Z UTC

Last seen:

2025-12-27T03:25:00Z UTC

Hits:

~10

Detections:

HEUR:Backdoor.Win64.AdaptixC2.a Backdoor.Win64.AdaptixC2.sb

Link:

https://opentip.kaspersky.com/801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70/results?tab=lookup

Malware family:

AdaptixC2

Verdict:

Malicious

Link:

https://analyze.intezer.com/analyses/540e5ca0-36d4-4992-9d03-43adab7ca809

Result

Threat name:

n/a

Detection:

malicious

Classification:

n/a

Score:

48 / 100

Link:

https://www.joesandbox.com/analysis/1839290

Signature

Multi AV Scanner detection for submitted file

Behaviour

Behavior Graph:

Download SVG

Score:

99%

Verdict:

Malware

File Type:

Link:

https://malprob.io/report/801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70

Verdict:

inconclusive

YARA:

4 match(es)

Tags:

Executable PE (Portable Executable) PE File Layout Win 64 Exe x64

Link:

https://app.malva.re/file/11609064f34537f722ed00513d9d89ac

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70/

Verdict:

Malicious

Threat:

Family.ADAPTIXC2

Link:

https://tip.neiki.dev/file/801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70

Threat name:

Win64.Trojan.Fragtor

Status:

Malicious

First seen:

2025-12-19 20:49:00 UTC

File Type:

PE+ (Exe)

AV detection:

22 of 36 (61.11%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=qakhpztntftwxbv4lcn2nneukhtm5gcxb4j7sicljdjlybbxfnya._file

Verdict:

malicious

Label(s):

adaptixc2

AdaptixC2

1c72af27762f9c18e927caea93182d1895086f7d64e2af6d0197984e5220ed8e

AdaptixC2

500896fbd343a7c713ddce1815d9827606edae3f81abf0fba68cb6b163ce0871

AdaptixC2

801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70

AdaptixC2

a3afe77a546d43e2cbfb2475d08c67faa8c5fad832cd58c069dfd4b476b7031c

AdaptixC2

cc59222114d66968d342258240c9cd56b4182ea432952073359fec07c7cc4853

AdaptixC2

ddfa43064097e71896ee6d75af3bc211bdeb847da40849c2789339c06b048771

AdaptixC2

error

AdaptixC2

+ 23 additional samples on MalwareBazaar

Result

Malware family:

adaptixc2

Score:

10/10

Tags:

family:adaptixc2 RAT backdoor trojan

Link:

https://tria.ge/reports/251225-n8836awnay/

Behaviour

AdaptixC2

Adaptixc2 family

Malware Config

C2 Extraction:

43.134.163.224:443

Verdict:

Suspicious

Tags:

n/a

YARA:

n/a

Link:

https://app.threat.zone/submission/8abeee0b-4895-4fb5-8bd0-fd16812d91dc

Unpacked files

SH256 hash:

801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70

MD5 hash:

11609064f34537f722ed00513d9d89ac

SHA1 hash:

9e85420f51104dfc42096e114895fae223459f4a

Link:

https://www.unpac.me/results/c9e86acd-8765-4f8f-b014-df448738b64e/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/801477e66d99676b86bc589ba6b49451e6ce98570f13f9204b48d2bc04372b70

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:	golang_bin_JCorn_CSC846 Create hunting rule
Author:	Justin Cornwell
Description:	CSC-846 Golang detection ruleset

Rule name:	pe_detect_tls_callbacks Create hunting rule

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape

https://www.capesandbox.com/analysis/46027/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample