MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 da43e93ee95c7cdfd394994d6cb1d33ec87501b809758b00ffe4b6d4355280dc. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: da43e93ee95c7cdfd394994d6cb1d33ec87501b809758b00ffe4b6d4355280dc
SHA3-384 hash: 6c9dd74c455f34a11d2655f7e35087dea476ff7fd6f4c814df882dda41c04cfc7b85ffb0a6e6fa13d891f8bb311c7774
SHA1 hash: b1dc5ae589e5ddb55231fcfe92d1f660b8c3cdf8
MD5 hash: f3fd650efd78962d7a82d93f03ca01c7
humanhash: hamper-oklahoma-whiskey-fanta
File name:test.exe
Download: download sample
File size:36'576'256 bytes
First seen:2026-03-26 09:26:00 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash d42595b695fc008ef2c56aabd8efd68e (217 x Vidar, 92 x Rhadamanthys, 85 x Stealc)
ssdeep 196608:GSEgAVbzM4Vy0xOwjp4W+rLOH0L+Re9MJghj9lc:GfbzM4cpCp4W+r1L+g9bp
TLSH T14B873B87F8E21D94C4EAC5B1D135816BBA713C285B3C23DB0AA1B7241F3EBD05A7A751
TrID 33.1% (.EXE) Win64 Executable (generic) (6522/11/2)
25.6% (.EXE) Win16 NE executable (generic) (5038/12/1)
10.4% (.ICL) Windows Icons Library (generic) (2059/9)
10.3% (.EXE) OS/2 Executable (generic) (2029/13)
10.1% (.EXE) Generic Win/DOS Executable (2002/3)
Magika pebin
Reporter juroots
Tags:exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
128
Origin country :
US US
Vendor Threat Intelligence
Malware configuration found for:
Sliver
Details
Link:
https://research.acce.ciphertechsolutions.com/results/c0f4f99b-2c7b-450f-a22c-9e11cf5d111a/
Malware family:
n/a
ID:
1
File name:
test.exe
Verdict:
No threats detected
Analysis date:
2026-03-26 09:36:10 UTC
Tags:
anti-evasion golang
Link:
https://app.any.run/tasks/c083abee-c5a5-46db-b731-fc15a0376e13

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69c4fc05390b99647413e82c
Tags:
n/a
Result
Verdict:
Clean
Maliciousness:

Behaviour
Connection attempt
DNS request
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
crypto golang obfuscated
Link:
https://www.filescan.io/uploads/69c4fc10be4fad62665c6a5d/reports/cc611fb2-be95-40ba-878e-69201078dc1c/overview
Verdict:
Malicious
Labled as:
Win/malicious_confidence_100%
Link:
https://www.hybrid-analysis.com/sample/da43e93ee95c7cdfd394994d6cb1d33ec87501b809758b00ffe4b6d4355280dc
Verdict:
Malicious
File Type:
exe x64
First seen:
2026-03-26T06:31:00Z UTC
Last seen:
2026-03-28T05:25:00Z UTC
Hits:
~100
Detections:
HackTool.Win64.Vilers.sb Trojan.Win64.Vilers.sb HEUR:Trojan.Multi.Vilers.gen HEUR:Trojan.Multi.MalGO.gen
Link:
https://opentip.kaspersky.com/da43e93ee95c7cdfd394994d6cb1d33ec87501b809758b00ffe4b6d4355280dc/results?tab=lookup
Score:
98%
Verdict:
Malware
File Type:
PE
Link:
https://malprob.io/report/da43e93ee95c7cdfd394994d6cb1d33ec87501b809758b00ffe4b6d4355280dc
Gathering data
Verdict:
Malicious
Threat:
Family.SLIVER
Link:
https://tip.neiki.dev/file/da43e93ee95c7cdfd394994d6cb1d33ec87501b809758b00ffe4b6d4355280dc
Threat name:
Win64.Hacktool.Sliver
Create hunting rule
Status:
Malicious
First seen:
2026-03-25 14:45:46 UTC
File Type:
PE+ (Exe)
AV detection:
13 of 38 (34.21%)
Threat level:
  1/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=3jb6spxjlr6n7u4utfgwzmoth3ehkanybf2ywah74s3ninksqdoa._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260326-le4kgaez2x/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe da43e93ee95c7cdfd394994d6cb1d33ec87501b809758b00ffe4b6d4355280dc

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3805664/
  
Delivery method
Distributed via web download

Comments