MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d3d00ec74e4d7bdffaf17b50c3593dfe711950b5904911b7cd60d100230e0331. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d3d00ec74e4d7bdffaf17b50c3593dfe711950b5904911b7cd60d100230e0331
SHA3-384 hash: c0336d63120dabcbfafffebe54f45188545d2163726189ed755915909500feac2305cbf287d2d211dcb677f73c8d5b44
SHA1 hash: 0acd81176f50083447a052e83a9c4d9d6c756967
MD5 hash: 13adf43aa05381961caab5af69c3f262
humanhash: july-lima-west-india
File name:yezura-beta.exe
Download: download sample
File size:89'353'728 bytes
First seen:2026-04-05 14:29:43 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 359e649ab913e838011b9d61180c7f7f (1 x MicroStealer)
ssdeep 786432:U4WW714JtHT4bC6UvH2zMbUSpgPVlcmp:U4Wu4JtHT+nzmab
TLSH T126187D13B3A705D5E8FBDA7096E652236932BC066F3095DF324C07262F73AE05A76B11
TrID 51.9% (.EXE) Win64 Executable (generic) (6522/11/2)
16.1% (.EXE) OS/2 Executable (generic) (2029/13)
15.9% (.EXE) Generic Win/DOS Executable (2002/3)
15.9% (.EXE) DOS Executable (generic) (2000/1)
Magika pebin
dhash icon 2896969606a6dec8 (1 x MicroStealer)
Reporter abuse_ch
Tags:de-pumped exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
1'203
Origin country :
NL NL
Vendor Threat Intelligence
Gathering data
Malware family:
n/a
ID:
1
File name:
yezura-beta.exe
Verdict:
No threats detected
Analysis date:
2026-04-05 14:37:28 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/30dc52ac-e6e3-449c-8df4-36aa131ff625

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Verdict:
Clean
Score:
N/A%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69d2722a6a61012f6acf0b6c
Tags:
n/a
Result
Verdict:
Clean
Maliciousness:

Behaviour
Creating a file
Gathering data
Verdict:
Malicious
Labled as:
Trojan.Win64.Agent
Link:
https://www.hybrid-analysis.com/sample/d3d00ec74e4d7bdffaf17b50c3593dfe711950b5904911b7cd60d100230e0331
Verdict:
Clean
File Type:
exe x64
First seen:
2026-04-05T16:15:00Z UTC
Last seen:
2026-04-05T16:27:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/d3d00ec74e4d7bdffaf17b50c3593dfe711950b5904911b7cd60d100230e0331/results?tab=lookup
Result
Threat name:
n/a
Detection:
clean
Classification:
n/a
Score:
2 / 100
Link:
https://www.joesandbox.com/analysis/1893787
Behaviour
Behavior Graph:
n/a
Score:
0%
Verdict:
Benign
File Type:
PE
Link:
https://malprob.io/report/d3d00ec74e4d7bdffaf17b50c3593dfe711950b5904911b7cd60d100230e0331
Gathering data
Verdict:
Clean
Link:
https://tip.neiki.dev/file/d3d00ec74e4d7bdffaf17b50c3593dfe711950b5904911b7cd60d100230e0331
Threat name:
Win64.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2026-04-05 14:31:02 UTC
File Type:
PE+ (Exe)
Extracted files:
18
AV detection:
4 of 24 (16.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=2pia5r2ojv5576xrpnimgwj57zyrsufvsberdn6nmdiqaiyoamyq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260405-rvhktset3s/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

7z ec517c9ec8f6a6845ffe8ca9825bc31b2fe5719b2df0301fd016236f0048d01e

Executable exe d3d00ec74e4d7bdffaf17b50c3593dfe711950b5904911b7cd60d100230e0331

(this sample)

  
Dropped by
MD5 1ebc93dec726f8e3642e570d9980dd7b
  
Dropped by
SHA256 ec517c9ec8f6a6845ffe8ca9825bc31b2fe5719b2df0301fd016236f0048d01e

Comments