MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f5bd5070852baf016192d752f58f631020be07560736e7826746b07a15657607. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: f5bd5070852baf016192d752f58f631020be07560736e7826746b07a15657607
SHA3-384 hash: c480de8d65925e9df9eda4216e02128e32d57d73aa228dd186cc0d08d052cec14089dcaf4783a6a5c50ec8d54466aec9
SHA1 hash: de0dd16cfc2dcfe882b0d1fa8cafe1fdccba1700
MD5 hash: 1b0f63a5f2c9f8637071730cf924dacb
humanhash: item-magazine-nine-vegan
File name:f5bd5070852baf016192d752f58f631020be07560736e7826746b07a15657607
Download: download sample
File size:122'976 bytes
First seen:2026-01-04 16:06:10 UTC
Last seen:Never
File type:php macho
MIME type:application/x-mach-binary
ssdeep 3072:2+ARQw9TdJ27h7Ut2fUquAOzjnzui39B30WWzCyUdohmKu6Q:2vRQoeJS2f1Ozjnzui39B30WWzCyUdo7
TLSH T1FEC34B93772125F6C53F413A072BE7625632F915AF12A325B790E12A1E7AB70A313C4F
Magika macho
Reporter l0psec
Tags:DPRK machO SWIFT

Intelligence

File Origin
# of uploads :
1
# of downloads :
53
Origin country :
US US
Vendor Threat Intelligence
No detections
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=695a8fffe148d42004df517b
Tags:
n/a
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
base64
Link:
https://www.filescan.io/uploads/695a8ffd127d6a14e0cf6c67/reports/94c6e965-d948-4552-83bf-375c9a21a907/overview
Verdict:
Malicious
Labled as:
Mac/malicious_confidence_100%
Link:
https://www.hybrid-analysis.com/sample/f5bd5070852baf016192d752f58f631020be07560736e7826746b07a15657607
Verdict:
Malicious
File Type:
macho x64 le
First seen:
2025-11-06T11:41:00Z UTC
Last seen:
2026-01-04T15:49:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan-Downloader.OSX.Lazarus.gen
Link:
https://opentip.kaspersky.com/f5bd5070852baf016192d752f58f631020be07560736e7826746b07a15657607/results?tab=lookup
Score:
96%
Verdict:
Malware
File Type:
Mach-O
Link:
https://malprob.io/report/f5bd5070852baf016192d752f58f631020be07560736e7826746b07a15657607
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/f5bd5070852baf016192d752f58f631020be07560736e7826746b07a15657607/
Verdict:
Malicious
Threat:
Trojan-Downloader.OSX.Lazarus
Link:
https://tip.neiki.dev/file/f5bd5070852baf016192d752f58f631020be07560736e7826746b07a15657607
Threat name:
MacOS.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-10-25 07:23:22 UTC
File Type:
MachO64 Little (Exe)
AV detection:
10 of 36 (27.78%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=6w6va4effoxqcyms25jpld3dcaql4b2wa43opathi2yhuflfoydq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
X
https://x.com/L0Psec/status/1988278712291479943

Comments