MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RemusStealer


Vendor detections: 12


Intelligence 12 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4
SHA3-384 hash: d67bafc172c1a0efaf6f8b20b3cdbf183c0da279bab7050cd0a3622ef292b9181ea32b8ef8cb7c873ffb757af5950d70
SHA1 hash: b759fb5d9d58095fd7a346c314c3c5621b4b775b
MD5 hash: ddb39476a40bb64efba7e38cca2ecf12
humanhash: berlin-dakota-earth-robin
File name:c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4
Download: download sample
Signature RemusStealer
Create hunting rule
File size:204'800 bytes
First seen:2026-06-05 06:51:24 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash c81db0a320cdad5ab41c9a291ea9b6e9 (13 x RemusStealer, 11 x Smoke Loader)
ssdeep 6144:mpFJxVbqzn7nZsdAzjOj2lvF8EIuGKoyqYY:mtxVbqYQlvFE
Threatray 1 similar samples on MalwareBazaar
TLSH T1A914386BD25371FCE553C07882667231B732B63907346EF742A2D334AE329D06E78969
TrID 51.9% (.EXE) Win64 Executable (generic) (6522/11/2)
16.1% (.EXE) OS/2 Executable (generic) (2029/13)
15.9% (.EXE) Generic Win/DOS Executable (2002/3)
15.9% (.EXE) DOS Executable (generic) (2000/1)
Magika pebin
Reporter JAMESWT_WT
Tags:Click-Hijacking-TDS exe RemusStealer

Intelligence

File Origin
# of uploads :
1
# of downloads :
138
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Malware family:
n/a
ID:
1
File name:
_c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4.exe
Verdict:
No threats detected
Analysis date:
2026-06-05 07:24:07 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/62af0f4f-d3b1-4245-ada8-e32983b739ad

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/69126/
Detection(s):
SecuriteInfo.com.Trojan.PWS.Spy.21863.25956.9553.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
81.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6a227225f8676ad4d3614494
Tags:
virus
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Verdict:
Malicious
Labled as:
Win/malicious_confidence_100%
Link:
https://www.hybrid-analysis.com/sample/c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4
Verdict:
Clean
File Type:
exe x64
First seen:
2026-02-23T09:54:00Z UTC
Last seen:
2026-02-23T14:25:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4/results?tab=lookup
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/08a439a9-36cb-470c-9c4a-640257516e4e
Score:
97%
Verdict:
Malware
File Type:
PE
Link:
https://malprob.io/report/c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4/
Verdict:
Malicious
Threat:
Family.REMUSSTEALER
Link:
https://tip.neiki.dev/file/c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4
Threat name:
Win64.Trojan.Lazy
Create hunting rule
Status:
Malicious
First seen:
2026-02-23 18:29:00 UTC
File Type:
PE+ (Exe)
AV detection:
25 of 36 (69.44%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ynz3476cmwugvtvd6g5f7yvsa2viv3fzrb3jwj5iv4dl3hbpccsa._file
Verdict:
malicious
Label(s):
remus
Create hunting rule
Similar samples:
error
RemusStealer
Result
Malware family:
remus_stealer
Create hunting rule
Score:
  10/10
Tags:
family:remus_stealer stealer
Link:
https://tria.ge/reports/260605-hm713sc19m/
Unpacked files
SH256 hash:
c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4
MD5 hash:
ddb39476a40bb64efba7e38cca2ecf12
SHA1 hash:
b759fb5d9d58095fd7a346c314c3c5621b4b775b
Link:
https://www.unpac.me/results/d17259ae-ecc2-4170-a8e7-981fc3c23e7d/
Malware family:
RemusLogger
Create hunting rule
Verdict:
Malicious
Link:
https://www.vmray.com/analyses/_mb/c373be7fc265/report/overview.html
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/c373be7fc265a86acea3f1ba5fe2b206aa8aecb988769b27a8af06bd9c2f10a4

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/69126/

Comments