MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 91f30c13f56121fcfe46dc3c6a0cdfd48b6c93ad562058474a89b7568e2e6ccc. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
SantaStealer
Vendor detections: 3
| SHA256 hash: | 91f30c13f56121fcfe46dc3c6a0cdfd48b6c93ad562058474a89b7568e2e6ccc |
|---|---|
| SHA3-384 hash: | 5a440b1fe47cff23069523be52ed83d7bf28a34d8fd4f1209f91a0107b8e5c24c3ee1fa04434bf90069ca8fc5f9567a2 |
| SHA1 hash: | b3e5e193a0395f0499369773f9b51edd2155bbd0 |
| MD5 hash: | 9f2f256600a8d8b0dd8b154be0491a9f |
| humanhash: | don-double-pizza-carpet |
| File name: | StakePredictor2026.zip |
| Download: | download sample |
| Signature | SantaStealer |
| File size: | 21'337'673 bytes |
| First seen: | 2026-02-03 19:44:43 UTC |
| Last seen: | Never |
| File type: | zip |
| MIME type: | application/zip |
| Note: | This file is a password protected archive. The password is: predict_github |
| ssdeep | 393216:NVBTzEKgj8cQIj1YRHvuYFjfJUzMdUwMG3seGhMkA6pXFInvgcMOorOXpr7H:Njj4OoYFdxd5/GZRFevgOmE/ |
| TLSH | T1542733626CF8E7480CE0004D3001BE744FE66D69AC5AF93267E57667686A60FF7FA5C0 |
| TrID | 44.4% (.XPI) Mozilla Firefox browser extension (8000/1/1) 33.3% (.WMZ) Windows Media Player skin (6000/1/1) 22.2% (.ZIP) ZIP compressed archive (4000/1) |
| Magika | zip |
| Reporter |  aachum |
| Tags: | pw-predict_github SantaStealer zip |
Intelligence
File Origin
# of uploads :
1
# of downloads :
55
Origin country :
ESFile Archive Information
This file is a password protected archive. The password is: predict_github
This file archive contains 22 file(s), sorted by their relevance:
| File name: | iemigplugin.dll |
|---|---|
| File size: | 65'536 bytes |
| SHA256 hash: | a87344368262a54f37a8e77d989113e3910fa8c95013b20f6a7d67b6aee367f5 |
| MD5 hash: | a2edb8906ad23f54a52dd52725d91d72 |
| MIME type: | application/x-dosexec |
| Signature | SantaStealer |
| File name: | mf.dll |
|---|---|
| File size: | 531'984 bytes |
| SHA256 hash: | 34b067045eb60be59510ae40ebc15ad5dc3cc13dc60fb628b692101fcf797355 |
| MD5 hash: | 68ae6dcca48bc6e48aeeb9bf303203a7 |
| MIME type: | application/x-dosexec |
| Signature | SantaStealer |
| File name: | Dsui.dll |
|---|---|
| File size: | 180'736 bytes |
| SHA256 hash: | 1ed84e3f132d5fe73310e2bbd0844b9ab26c3f7eab19b18b7a8c8ec6af87d56b |
| MD5 hash: | 0ebe1e965d8ada718ae9602c988591fb |
| MIME type: | application/x-dosexec |
| Signature | SantaStealer |
| File name: | fhir.bin |
|---|---|
| File size: | 1'482'772 bytes |
| SHA256 hash: | c4ab690be0bd793e76522698583364d12ae313f3f14835aed791c07ca28e1949 |
| MD5 hash: | bd9507921ae9e3f24cdb96300b5e1ef1 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | scm.bin |
|---|---|
| File size: | 560'024 bytes |
| SHA256 hash: | 2f57e8dd95a32d23924e32aedf17d9b72d6dbe45acee04659ddaa31bd03591b1 |
| MD5 hash: | 9a4dfd7839da04772f418809ff9e8d14 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | netfactory.bin |
|---|---|
| File size: | 1'399'271 bytes |
| SHA256 hash: | 7c7082078eedf2641211893dd932d2ef86fb45a4dabef2f4de27537fae202bba |
| MD5 hash: | baf19b70bceb6b3d95419d10c1f28df1 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | setup.exe |
|---|---|
| File size: | 81'920 bytes |
| SHA256 hash: | 7b0334c329e40a542681bcaff610ae58ada8b1f77ff6477734c1b8b9a951ef4c |
| MD5 hash: | d25a9e160e3b74ef2242023726f15416 |
| MIME type: | application/x-dosexec |
| Signature | SantaStealer |
| File name: | cypress.cpp |
|---|---|
| File size: | 431'318 bytes |
| SHA256 hash: | 7817c7d3fb87e62f973f71ca6488ab309d1c288337355af2126cb7dfeef649b2 |
| MD5 hash: | fdba70109177cac23f5d71b022b1f4b1 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | crudrepository.c |
|---|---|
| File size: | 1'794'373 bytes |
| SHA256 hash: | 04c1a19cf0bac600bf1b8ad2b81ec7886cf58bd715bdc4e88042c7457033db58 |
| MD5 hash: | 90dad951b01ee2e189d7a886013b21b2 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | querydsl.c |
|---|---|
| File size: | 1'684'199 bytes |
| SHA256 hash: | c1a045c8a38d8f8a108a40dcd67df1f9a5abe27ee9a45f909c7bb40f1b3ab8e9 |
| MD5 hash: | 12a19c3a1ec62526fdf7b084119333cc |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | gitlabci.cpp |
|---|---|
| File size: | 551'854 bytes |
| SHA256 hash: | cc8b66c5dc76b427a07a55248a7983e1c7a834566e4d42a6079b8fac2ca4bed7 |
| MD5 hash: | a4956e62519699427101c384245a0606 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | supervisor.cpp |
|---|---|
| File size: | 1'897'593 bytes |
| SHA256 hash: | 148a78f89c29b7e57128bf6c2684ef359e4c07db6b7fa1579b5d59da41daa0b4 |
| MD5 hash: | bfe0c2a7ce4123b98ca04a6afbaeeb8a |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | install.exe |
|---|---|
| File size: | 142'641 bytes |
| SHA256 hash: | 8b4eeae1d07e264da79796fa562c7fe99effd202e1a7acc2a4482016f6b2964b |
| MD5 hash: | 41d53e48d77ddd88ff472dbb3a4b813a |
| MIME type: | application/x-dosexec |
| Signature | SantaStealer |
| File name: | propsys.dll |
|---|---|
| File size: | 335'872 bytes |
| SHA256 hash: | 9bf00be894e6e913edd9e91666db4bf7004bc47f1ef2ac60989ea3d3f55b2cb7 |
| MD5 hash: | 78268249475ba8f48db40bd866bd9d0a |
| MIME type: | application/x-dosexec |
| Signature | SantaStealer |
| File name: | thymeleaf.bin |
|---|---|
| File size: | 700'652 bytes |
| SHA256 hash: | a3cbca81d2a26043669555d50d2d70e0ba675b3c792f21f2d736053ac88cbbbd |
| MD5 hash: | 5065fb7a1a511fdb7f5d5394b52250c4 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | operator.c |
|---|---|
| File size: | 1'771'050 bytes |
| SHA256 hash: | 94030eb56ee14aa6e0b44e4bd7219e8e7e6126810cf3125244c9df40f8d9492f |
| MD5 hash: | 4b6b39d9839c00ed6c7314b6d1ebf963 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | xmllreader.c |
|---|---|
| File size: | 646'130 bytes |
| SHA256 hash: | 77ec00451490480f1304c564029923600caae08fb1e4fd9fd04dc0699e9313b0 |
| MD5 hash: | 34f2363eab7f5b15d051393250311044 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | certloader.bin |
|---|---|
| File size: | 849'162 bytes |
| SHA256 hash: | 2773018c950f465c690f3fe3cef7d01296ba7fdadfc3c0217870ff31fc7222d0 |
| MD5 hash: | 5b02fbeb1c2578d5444f12a0abd01d3f |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | flux.cpp |
|---|---|
| File size: | 1'790'525 bytes |
| SHA256 hash: | bd5f809e20844797148331272121bc60e4d5f25ebdfc9c1183e72134b2c016f2 |
| MD5 hash: | 876692194c622d84e715af1c00b6e1c6 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | strategy.c |
|---|---|
| File size: | 606'293 bytes |
| SHA256 hash: | 8e4e1012fb7c210c79790801f8e74761f404330ce396d97d8d14a1074858158f |
| MD5 hash: | 637398d848c18b54547bf7b5ba81f5d7 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | chainofresponsibility.cpp |
|---|---|
| File size: | 1'976'923 bytes |
| SHA256 hash: | 38e2058e94412a2278694b8386bd5386d7408179af4a490b723374e4c3e050f9 |
| MD5 hash: | 95d1a204bc6521971043aeee745330b7 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
| File name: | subscriber.c |
|---|---|
| File size: | 1'853'031 bytes |
| SHA256 hash: | 4b5df1b364468947b4fa2779a10ce63c4fbf507347e639a939af0aad183ec70f |
| MD5 hash: | a6365e1238c219975035304e7694b566 |
| MIME type: | application/octet-stream |
| Signature | SantaStealer |
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Tags:
n/a
Result
Verdict:
UNKNOWN
Link:
Verdict:
Unknown
File Type:
zip
Gathering data
Gathering data
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.20
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Web download
SantaStealer
zip 91f30c13f56121fcfe46dc3c6a0cdfd48b6c93ad562058474a89b7568e2e6ccc
(this sample)
exe 
Delivery method
Distributed via web download
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.