MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c90435370728d48cba1c00d92cc3bf99e85f01aa52ecd6c6df2e8137db964796. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Arechclient2


Vendor detections: 4



SHA256 hash: c90435370728d48cba1c00d92cc3bf99e85f01aa52ecd6c6df2e8137db964796
SHA3-384 hash: 72a40e59ff68d501a094cb376568038adca3359fa81736b72f2dd07301d526e068ab2f1c5720cec89bfb6dba99f4d155
SHA1 hash: 8297888f5f167432ea2cb6e5a02624759fe72e24
MD5 hash: 0b7482c3044cf2e61c16dcd0426c73ec
humanhash: red-queen-potato-tennessee
File name: drag2pdf.zip
Signature: Arechclient2
File size: 6'908'049 bytes
First seen: 2026-03-25 00:52:03 UTC
Last seen: Never
File type: zip
MIME type: application/x-rar
ssdeep 196608:X+UUg8uMPGjoBrU9fV4LAj+Uca+beQ98O8:wXP7rUZV+o+UQKO8
TLSH T1246633F22B117243B2178A9047EF1EB4972D49A06A46C3D0BBCCFB66772C3950907F5A
TrID: 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1); 38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Magika: rar
Reporter: Brad_malware
Tags: 195-85-115-11 Arechclient2 SectopRAT zip

Intelligence


File Origin
# of uploads: 1
# of downloads: 79
Origin country: US
File Archive Information

This file archive contains 19 file(s), sorted by their relevance:

Vendor Threat Intelligence
Result
Malware family: sectoprat
Score: 10/10
Tags: family:sectoprat discovery rat spyware stealer trojan
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
