MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a246f2bfb779f3f2f1de7ce7ba761c92359a95d80a3ec1c744f491cec680562f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a246f2bfb779f3f2f1de7ce7ba761c92359a95d80a3ec1c744f491cec680562f
SHA3-384 hash: e2975b2527d44e07f8cd8aefa116399d138709cf4c68c5e7783750003b9f9129f046442ec56c5758d587e33d024dbb1a
SHA1 hash: fcb9c97cf4113fb75fbcd7ff214d4d1051e65c9a
MD5 hash: 3c9c9de290bd5e0f28839976cdb8532b
humanhash: iowa-winner-spaghetti-spaghetti
File name:Loader.exe
Download: download sample
File size:89'345'536 bytes
First seen:2026-03-05 18:53:04 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 359e649ab913e838011b9d61180c7f7f (1 x MicroStealer, 1 x LucidStealer)
ssdeep 786432:+fgXTwWcQDgFFo5+6eYJL7beVpgPVlcm6:aGTwUDgFFoB7bB
TLSH T114187D03B3A705D5E8FBDA7196E652136932BC066F3095DF324C07262F73AE05A76B21
TrID 51.9% (.EXE) Win64 Executable (generic) (6522/11/2)
16.1% (.EXE) OS/2 Executable (generic) (2029/13)
15.9% (.EXE) Generic Win/DOS Executable (2002/3)
15.9% (.EXE) DOS Executable (generic) (2000/1)
Magika pebin
dhash icon 2896969606a6dec8 (1 x MicroStealer)
Reporter abuse_ch
Tags:de-pumped exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
108
Origin country :
NL NL
Vendor Threat Intelligence
No detections
Malware family:
n/a
ID:
1
File name:
Loader.exe
Verdict:
No threats detected
Analysis date:
2026-03-05 18:55:16 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/4150702e-cf4d-457c-bf30-1155937760c4

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69a9d148002d37d5c984274e
Tags:
n/a
Verdict:
Unknown
Threat level:
  2.5/10
Confidence:
100%
Tags:
adaptive-context anti-debug crypto fingerprint microsoft_visual_cc
Link:
https://www.filescan.io/uploads/69a9d12ccd25bfe1dfe171d9/reports/e58b1ae8-61f3-49d1-ae32-bfcc20ab1af5/overview
Verdict:
Malicious
Labled as:
JS/Agent_AGeneric.O trojan
Link:
https://www.hybrid-analysis.com/sample/a246f2bfb779f3f2f1de7ce7ba761c92359a95d80a3ec1c744f491cec680562f
Verdict:
Clean
File Type:
exe x64
Link:
https://opentip.kaspersky.com/a246f2bfb779f3f2f1de7ce7ba761c92359a95d80a3ec1c744f491cec680562f/results?tab=lookup
Result
Threat name:
n/a
Detection:
clean
Classification:
n/a
Score:
2 / 100
Link:
https://www.joesandbox.com/analysis/1879189
Behaviour
Behavior Graph:
n/a
Score:
0%
Verdict:
Benign
File Type:
PE
Link:
https://malprob.io/report/a246f2bfb779f3f2f1de7ce7ba761c92359a95d80a3ec1c744f491cec680562f
Gathering data
Verdict:
Clean
Link:
https://tip.neiki.dev/file/a246f2bfb779f3f2f1de7ce7ba761c92359a95d80a3ec1c744f491cec680562f
Threat name:
Win64.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2026-03-05 18:54:43 UTC
File Type:
PE+ (Exe)
Extracted files:
18
AV detection:
8 of 24 (33.33%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ujdpfp5xphz7f4o6ptt3u5q4si2zvfoybi7mdr2e6si45ruakyxq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260305-xjw7qsft7q/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

MythStealer

rar 028bc6de3033f51fe9602e5e3036abdef26e49b581a332f3a67ee5dd981b7f30

Executable exe a246f2bfb779f3f2f1de7ce7ba761c92359a95d80a3ec1c744f491cec680562f

(this sample)

  
Dropped by
MD5 2c5c6efe198473409c8abf3ba6723a81
  
Dropped by
SHA256 028bc6de3033f51fe9602e5e3036abdef26e49b581a332f3a67ee5dd981b7f30

Comments