MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a03194700cdc2f128438eb81775174df2d7f634a796f8b89ee95bbc327835c1d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a03194700cdc2f128438eb81775174df2d7f634a796f8b89ee95bbc327835c1d
SHA3-384 hash: 24755dd82056d14ed0424b18da63e9eb0750c2f159acc8ccfea01b2af38b992f0254ff8ed2fd0e3afdb4807a6a32eac1
SHA1 hash: e2af99d12030b64d4d6a2bec0d2a6f80a7759750
MD5 hash: d328d1463688d130aac31ae7bc3d49a8
humanhash: neptune-hawaii-kansas-undress
File name:2LazMAR30_hvvvvvvvvvvvvvvvv.py
Download: download sample
File size:7'867'706 bytes
First seen:2026-03-31 17:54:21 UTC
Last seen:Never
File type:
MIME type:application/x-bytecode.python
ssdeep 192:2oUA5BBoOsjZIZ1dhLfh5bGRnWRpan9+Qa88SdjbLsDu3jGsBGeeCK+X3puSO1oP:xpzBlZ1/fhVGRnOpQ/b8S9b4M7
TLSH T13486A97590F53509DBE17CA2C56CE6E270ABD7892B4309EBD2C9DAF4C05413AA3217CE
Magika pythonbytecode
Reporter kirkderp
Tags:py

Intelligence

File Origin
# of uploads :
1
# of downloads :
21
Origin country :
US US
Vendor Threat Intelligence
Gathering data
Detection(s):
SecuriteInfo.com.Python.Agent-YF.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
90.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69cc0f4c3a18a6e1ddf0192d
Tags:
virus
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/a03194700cdc2f128438eb81775174df2d7f634a796f8b89ee95bbc327835c1d
Verdict:
Malicious
File Type:
pybcode
First seen:
2026-03-26T20:31:00Z UTC
Last seen:
2026-03-26T20:41:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan.Python.Kramer.gen
Link:
https://opentip.kaspersky.com/a03194700cdc2f128438eb81775174df2d7f634a796f8b89ee95bbc327835c1d/results?tab=lookup
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a03194700cdc2f128438eb81775174df2d7f634a796f8b89ee95bbc327835c1d/
Verdict:
Malicious
Threat:
Trojan.Python.Kramer
Link:
https://tip.neiki.dev/file/a03194700cdc2f128438eb81775174df2d7f634a796f8b89ee95bbc327835c1d
Threat name:
Script-Python.Packed.Kramer
Create hunting rule
Status:
Malicious
First seen:
2026-03-25 13:14:46 UTC
File Type:
Binary
AV detection:
9 of 36 (25.00%)
Threat level:
  1/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=uayzi4am3qxrfbby5oaxoulu34wx6y2kpfxyxcposw54gj4dlqoq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260331-wv3yzscw7l/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/a03194700cdc2f128438eb81775174df2d7f634a796f8b89ee95bbc327835c1d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments