Statistics

Top Reporters Signatures (Malware Family) Most downloaded Malware Samples Most discussed Malware Samples Most used tags Clamav signature ReversingLabs CAPE Sandbox CERT.PL MWDB File Types imphashes ssdeep

Number of submissions (past 30 days)

The chart below documents the number of submissions (unique malware samples) to MalwareBazaar per day over a period of 30 days.


Top Reporters

It wouldn't be possible to operate MalwareBazaar without the help of volunteers who contribute malware samples to MalwareBazaar. The table below shows the top reporters and their Twitter handle.

RankReporterSubmissions
1Twitter @abuse_ch40'098
2Twitter @Cryptolaemus130'523
3Twitter @lazyactivist1929'687
4Twitter @JAMESWT_MHT9'447
5Twitter @jarumlus5'256
6Twitter @SecuriteInfoCom5'099
7Twitter @FORMALITYDE4'966
8Twitter @cocaman3'035
9Twitter @defconisov3r2'312
10Twitter @James_inthe_box2'035
11Twitter @Jouliok1'709
12Twitter @GovCERT_CH1'514
13Twitter @raashidbhatt1'104
14Twitter @malware_traffic1'031
15Twitter @Marco_Ramilli987

Top Malware Family

Most seen malware family (signature) associated with malware samples on MalwareBazaar.

Most downloaded Malware Samples

Most downloaded malware samples on MalwareBazaar.

DownloadsMalware SampleTypeSignatureReporter
2'422f0ad6a854cc6b8511c0499267c59c3e9a987845c912f3da030dd5a2201978385 shTwitter @defconisov3r
2'360afb4b0092c76214b9ac99cf9c00ae56163916c04e7713bd56a38abf07a81a7d7 htmlTwitter @TheGing3rm4n
2'3530a1375c20684fb7bba86548825e2e16ce0ad34c21da4b562e8774df154aa8c67 cabTwitter @cocaman
2'35302419de92a33a88bc17701008182ca9f7ea8d4645311b837b98738acdea83254 shTwitter @defconisov3r
2'3485470f0644589685000154cb7d3f60280acb16e39ca961cce2c016078b303bc1bunknownTwitter @Threat_hunts
2'3337fad486d054e36626a9842c99b2ff58dbf9e264d8faf45b3376afa02f0e829a7 shTwitter @defconisov3r
2'330455e09d22b9e9b172e5cf25a87f70c079bf97edc0295251a42f48211caf5043fVisual Basic Script (vbs) vbsTwitter @creP_R2point0
2'32942f8b10e4051c44e24067701b80674ac907fb49435cbb300e6b3fd6902d3de27unknownTwitter @defconisov3r
2'326b4e670799c0a241b69b231fd9a1d3c2e2a29b4d4d67c9bf746c01a6f19b0210d shTwitter @defconisov3r
2'326c2577719ac323c385fdae61c336d5582472c2441ac1ec0699ec0948305ae8786 shTwitter @defconisov3r
2'32637ed866abc19465aa2172d651bbd3ffe2836add54ba3065ff7189f1a75410d9funknownTwitter @Marco_Ramilli
2'32061043ee383ff19ba6d5e65e455dd8d1170f1f6365dfb9c9c0764171f519ceb55 shTwitter @defconisov3r
2'319cf932ebbd2a2684dec9a823f2c223ef1666a18683dc342f45d71d99508624e88 shTwitter @defconisov3r
2'317560393402e176329d8bf14ad5bef7ab8e1d079f62a569600bad6daba2ccd25e3 shTwitter @defconisov3r
2'317eb4fdda796cd2cfef2d7ba81951817d4dbda6b777ea0f55e83b9307fb5bd6145 shTwitter @defconisov3r

Most discussed Malware Samples

Most discussed (commented) malware samples on MalwareBazaar.

CommentsMalware SampleTypeSignature
1097bb6f30d2fe5546a810da356e41652d1bccfe2130cf77dec36b9ee17c19259dExcel file xlsDridex
47277388a0a82e85fe6eb38ed47bd5640c74f10be64ee6e9b8610c49b73328859 7zHawkEye
3e97b35c4339e0412571a445b2fe20e30fe91585cad505820b56a098a66e54c23Executable exeAgentTesla
3f4841b9b9006e327d58c8d6fb6e1bb3699d05fcd10fcaf7adcdde47efccb13b3 zip 
30994e0972430f7cf02b66c290b6e62666c14da2ca9ad369e7cf5447313dc8550Executable exeTrickBot
3667f88e8dcd4a15529ed02bb20da6ae2e5b195717eb630b20b9732c8573c4e83Word file docPhobos
2251643f0b539eb872ebeb216f1b71f0f8dc8301276ea63dbfdf10a7267ac7379 zip 
24489591775f245687f693d6c2463835297e0908c9f7501e53567bc9369a73b91 zip 
29aa75631b7a56a84117e5aed0540fb74dfcde2c36d52744156381c9161603e28 zip 
23fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6 zip 

Top Tags

Most seen tags associated with malware samples on MalwareBazaar.

Top ClamAV signature

Most seen ClamAV signature detecting malware samples on MalwareBazaar.

ReversingLabs

Top threat name matching malware samples on MalwareBazaar.

CAPE Sandbox

Top detection matching malware samples on MalwareBazaar.

CERT.PL MWDB

Top malware family on MalwareBazaar.

Top File Types

Most seen file types associated with malware samples on MalwareBazaar.

Top imphashes

Most seen imphashes on MalwareBazaar.

Malware SampleimphashTop 4 Signatures
21'427f34d5f2d4577ed6d9ceec516c1f5a744AgentTesla Formbook MassLogger njrat
1'2400b23b9ad9f12b8fc28e61bff35382e32TrickBot
9573d95adbf13bbe79dc24dccb401c12091AgentTesla NanoCore Loki HawkEye
881afcdf79be1557326c854b6e20cb900a7AgentTesla RemcosRAT NanoCore FormBook
56390cf95ecd64949f490339642872dda87Heodo
5174f055c6d104f67955b2fc107928fe0dcHeodo
4134a8c5544cd24df05aabef0164d767361TrickBot
380756fdea446bc618b4804509775306c0dHeodo
374d97b710a90a979a9ba1fac5e1ea6c332Gozi Heodo
352a9640ad456aa6f6fa348957c2d652787Heodo

Top ssdeep hashes

Most seen ssdeep hashes on MalwareBazaar.

Malware SamplessdeepSignature(s)
39812288:U2+J+l5QvSoOUkQGPRoswLLjfsHJNF05F:PJl5QrrkQOCHspN4Quakbot
3733072:IFNthWQl/rSJ7lvt9filcZritkrINAEYsm2:IBhWQ/mJLflrOAp2Gozi Heodo
30712288:xyP2Md2hn+tDKFtKwK5KLK6KYK5KlK3K1aoNl7Mv+lwVwy:grdO+tDKFQoNOmlTrickBot
1516144:otEtEtEtEtEtEtEtEtEtEt9WO2gUXdCpnZavQq:Ceeeeeeeeee9xwcaGozi
15112288:OrQ0n1IYaHUBzy7JJI7vJ0GKjp5VCU/U+hdNt:RM1IYaHI8JJuvuGWp9lhpTrickBot
1341536:nycKoSsxz1PDZLDZjlbR868O8KlVH3edm7uDphYHceXVhca+fMHLtyeGxcl8/dgw:nycKoSsxzNDZLDZjlbR868O8KlVH3edfQuakbot
1331536:fycKoSsxz1PDZLDZjlbR868O8KlVH3edm7uDphYHceXVhca+fMHLtyeGxcl8/dgw:fycKoSsxzNDZLDZjlbR868O8KlVH3edcQuakbot
1321536:nycKoSsxz1PDZLDZjlbR868O8KlVH3edm7uDphYHceXVhca+fMHLtyeGxcl8/dgg:nycKoSsxzNDZLDZjlbR868O8KlVH3edfQuakbot
1321536:ZycKoSsxz1PDZLDZjlbR868O8KlVH3edm7uDphYHceXVhca+fMHLtyeGxcl8/dgA:ZycKoSsxzNDZLDZjlbR868O8KlVH3edUQuakbot
1321536:fycKoSsxz1PDZLDZjlbR868O8KlVH3edm7uDphYHceXVhca+fMHLtyeGxcl8/dgQ:fycKoSsxzNDZLDZjlbR868O8KlVH3edcQuakbot