MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AdaptixC2

Vendor detections: 12

Intelligence 12 IOCs YARA 2 File information Comments

SHA256 hash:	d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2
SHA3-384 hash:	3a56e3075bed2ac1f604458a67b3a7e296128fba9bb7697ed84acd5e525a101c2ee7df08acb2ca6c04ee00397314cdfd
SHA1 hash:	50ee89b3af80dc689258fd04adc15d29fa7ac08a
MD5 hash:	4a2bedfdbe17772a368e6b83e1311a6c
humanhash:	purple-nuts-kentucky-lamp
File name:	Program.exe
Download:	download sample
Signature	AdaptixC2 Create hunting rule
File size:	81'920 bytes
First seen:	2025-12-19 11:58:29 UTC
Last seen:	Never
File type:	exe
MIME type:	application/x-dosexec
imphash	cb57dbab8145819a37b256afe9bec21f (1 x AdaptixC2)
ssdeep	1536:O0466QjmqKbYM/2+k0WrNRkrm2Wa9y6ZVeXK5a+GlJROJRs51BBkQi:OrcuI8rPU+MzOfs5f6
Threatray	17 similar samples on MalwareBazaar
TLSH	T17A835437E6B3C4ADC46FD534AF43A4B2B9F17C184634661647C1A6213B2BD386BBE640
TrID	41.1% (.EXE) Microsoft Visual C++ compiled executable (generic) (16529/12/5) 26.1% (.EXE) Win64 Executable (generic) (10522/11/4) 12.5% (.EXE) Win16 NE executable (generic) (5038/12/1) 5.1% (.ICL) Windows Icons Library (generic) (2059/9) 5.0% (.EXE) OS/2 Executable (generic) (2029/13)
Magika	pebin
Reporter	NDA0E
Tags:	AdaptixC2 exe

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

No detections

Malware family:

n/a

ID:

File name:

_d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2.exe

Verdict:

No threats detected

Analysis date:

2025-12-19 12:00:46 UTC

Tags:

n/a

Link:

https://app.any.run/tasks/15706e3e-db98-45d0-ae40-af3472e95234

Note:

ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/45501/

Detection(s):

Win.Malware.Zusy-10058289-0

Win.Malware.Adaptixc-10058672-0

Verdict:

Malicious

Score:

70%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69453e1a021cfe859b07bc17

Tags:

malware

Verdict:

Unknown

Threat level:

2.5/10

Confidence:

100%

Tags:

anti-debug base64 packed

Link:

https://www.filescan.io/uploads/69453e1484afa5547b5a7a67/reports/45639b09-bd03-4958-b8bf-b205c268540e/overview

Verdict:

Malicious

Labled as:

Backdoor.AdaptixC2.A.Generic

Link:

https://www.hybrid-analysis.com/sample/d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2

Verdict:

Malicious

File Type:

exe x64

First seen:

2025-12-19T09:06:00Z UTC

Last seen:

2025-12-19T18:07:00Z UTC

Hits:

~10

Detections:

HEUR:Backdoor.Win64.AdaptixC2.b Backdoor.Win64.AdaptixC2.sb

Link:

https://opentip.kaspersky.com/d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2/results?tab=lookup

Malware family:

AdaptixC2

Verdict:

Malicious

Link:

https://analyze.intezer.com/analyses/a5d66436-8da7-43ab-a8bf-7a78b7c06ddf

Score:

98%

Verdict:

Malware

File Type:

Link:

https://malprob.io/report/d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2

Verdict:

inconclusive

YARA:

4 match(es)

Tags:

Executable PE (Portable Executable) PE File Layout Win 64 Exe x64

Link:

https://app.malva.re/file/4a2bedfdbe17772a368e6b83e1311a6c

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2/

Verdict:

Malicious

Threat:

Backdoor.Win64.AdaptixC2

Link:

https://tip.neiki.dev/file/d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2

Threat name:

Win64.Backdoor.AdaptixC2

Status:

Malicious

First seen:

2025-12-19 11:40:18 UTC

File Type:

PE+ (Exe)

AV detection:

15 of 24 (62.50%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=2fgb74q474xaszy3mnwr7v3gprbu3cz2rqbpxou7tkmhv56lj7ra._file

Verdict:

malicious

Label(s):

adaptixc2

AdaptixC2

3b41578c2583a93966207bb1cee44153d1d98af48b57f447f2f3596172e381c0

AdaptixC2

7e94fe9333f37a25dc0dd9491e29c04c68c5181618bc39ea5d9410d64f8b1459

AdaptixC2

8ca74bbef63dfb18383c9b411e7bad71e8ffbad517a6d2b75037a064f498bc8b

AdaptixC2

c0226bffae3033a466a292824e9780ac98c11a4e1d4fad967b6fced2c99dcbe1

AdaptixC2

d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2

AdaptixC2

error

AdaptixC2

+ 7 additional samples on MalwareBazaar

Result

Malware family:

adaptixc2

Score:

10/10

Tags:

family:adaptixc2 RAT backdoor trojan

Link:

https://tria.ge/reports/251223-p8sxlszldz/

Behaviour

AdaptixC2

Adaptixc2 family

Verdict:

Malicious

Tags:

Win.Malware.Zusy-10058289-0

YARA:

n/a

Link:

https://app.threat.zone/submission/3de0d35d-67e3-44e1-8b5d-b58dfc782c95

Unpacked files

SH256 hash:

d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2

MD5 hash:

4a2bedfdbe17772a368e6b83e1311a6c

SHA1 hash:

50ee89b3af80dc689258fd04adc15d29fa7ac08a

Link:

https://www.unpac.me/results/710aaea4-c6f7-41a0-934f-91413023c7a4/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.14

Link:

https://yomi.yoroi.company/submissions/d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:	golang_bin_JCorn_CSC846 Create hunting rule
Author:	Justin Cornwell
Description:	CSC-846 Golang detection ruleset

Rule name:	pe_detect_tls_callbacks Create hunting rule

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

AdaptixC2

exe d14c1ff21cff2e09671b636d1fd7667c434d8b3a8c02fbba9f9a987af7cb4fe2

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3737115/

Delivery method

Distributed via web download

Cape

https://www.capesandbox.com/analysis/45501/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample