MalwareBazaar Threat Intel

MalwareBazaar – 04.04.2026 22:34 UTC – 18 neue Samples – 14 kritisch – Mirai

Sat, 04 Apr 2026 22:34:00 +0000

Stand: 04.04.2026 22:34 UTC

Neue Samples dieser Session: 18

Risiko-Verteilung

🔴 Kritisch: 14
🟠 Hoch: 3
🟡 Mittel: 0
🟢 Niedrig: 2

Höchster Score: 84.4/100 (3ef977021623a269…)

Häufigste Familie: Mirai

Häufigster Typ: ?

VirusTotal-Ergebnisse

65c071651912721813fb…

Erkannt: 31/76 (40.8%) – Trojan.Linux.Mirai.1

Erkennende Engines (31):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Mirai-BIJ [Trj]`
AhnLab-V3	`Linux/Mirai17.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Mirai-BIJ [Trj]`
Avast-Mobile	`ELF:Mirai-CAT [Trj]`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Trojan.Mirai-9907086-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9774`
ESET-NOD32	`Linux/Mirai.BZK trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
GData	`Linux.Trojan.Mirai.G`
Google	`Detected`
Ikarus	`Linux.AVI.Bot`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.es`
Kingsoft	`Linux.Backdoor.elf.2023767`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Backdoor:Linux/Mirai.GC!MTB`
Rising	`Backdoor.Mirai/Linux!1.1056B (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Backdoor.Linux.Mirai.wav`
TrendMicro	`Backdoor.Linux.MIRAI.SMLBO20`
TrendMicro-HouseCall	`Backdoor.Linux.MIRAI.SMLBO20`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.G.gen!Camelot`
huorong	`Trojan/Linux.Mirai.l!crit`

6eeb60e728d5f48609de…

Erkannt: 32/76 (42.1%) – Trojan.Linux.Mirai.1

Erkennende Engines (32):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Mirai-BIJ [Trj]`
AhnLab-V3	`Linux/Mirai03.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Mirai-BIJ [Trj]`
Avast-Mobile	`ELF:Mirai-CAT [Trj]`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Trojan.Mirai-6981989-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9774`
ESET-NOD32	`Linux/Mirai.BZK trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
Fortinet	`ELF/Mirai.AE!tr`
GData	`Trojan.Linux.Mirai.1`
Google	`Detected`
Ikarus	`Trojan.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.es`
Kingsoft	`Linux.Backdoor.elf.2023767`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Backdoor:Linux/Mirai.BO!xp`
Rising	`Backdoor.Mirai/Linux!1.1056B (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Backdoor.Linux.Mirai.wba`
TrendMicro	`Possible_MIRAI.SMLBO21`
TrendMicro-HouseCall	`Possible_MIRAI.SMLBO21`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.DR.gen!Eldorado`
huorong	`Trojan/Linux.Mirai.l!crit`

4cac867a75d44338ead9…

Erkannt: 32/76 (42.1%) – Trojan.Linux.Mirai.1

Erkennende Engines (32):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Mirai-BIJ [Trj]`
AhnLab-V3	`Linux/Mirai11.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Mirai-BIJ [Trj]`
Avast-Mobile	`ELF:Mirai-CAT [Trj]`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Trojan.Mirai-9907086-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9774`
ESET-NOD32	`Linux/Mirai.BZK trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
Fortinet	`ELF/Mirai.L!tr`
GData	`Trojan.Linux.Mirai.1`
Google	`Detected`
Ikarus	`Trojan.Linux.Gafgyt`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.es`
Kingsoft	`Linux.Backdoor.elf.2023767`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Backdoor:Linux/Mirai.FG!MTB`
Rising	`Backdoor.Mirai/Linux!1.1056B (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Backdoor.Linux.Mirai.waz`
TrendMicro	`Possible_MIRAI.SMLBO14`
TrendMicro-HouseCall	`Possible_MIRAI.SMLBO14`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.G.gen!Camelot`
huorong	`Trojan/Linux.Mirai.l!crit`

5ee560d056ca8523e499…

Erkannt: 32/76 (42.1%) – Trojan.Linux.Mirai.1

Erkennende Engines (32):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Mirai-BIJ [Trj]`
AhnLab-V3	`Linux/Mirai09.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Mirai-BIJ [Trj]`
Avast-Mobile	`ELF:Mirai-CAT [Trj]`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Dropper.Mirai-7135957-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9774`
ESET-NOD32	`Linux/Mirai.BZK trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
Fortinet	`ELF/Agent.BA!tr`
GData	`Trojan.Linux.Mirai.1`
Google	`Detected`
Ikarus	`Trojan.Linux.Multiverze`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.es`
Kingsoft	`Linux.Backdoor.elf.2023767`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Backdoor:Linux/Mirai.BL!xp`
Rising	`Backdoor.Mirai/Linux!1.1056B (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Backdoor.Linux.Mirai.was`
TrendMicro	`Possible_MIRAI.SMLBO21`
TrendMicro-HouseCall	`Possible_MIRAI.SMLBO21`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.G.gen!Camelot`
huorong	`Trojan/Linux.Mirai.l!crit`

5ea579e8fa695b2312ed…

Erkannt: 40/76 (52.6%) – Gen:Variant.Giant.Midie.604

Erkennende Engines (45):

Engine	Name
\| ALYac	`Gen:Variant.Giant.Midie.604`
APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Injector.X2247`
Alibaba	`Trojan:Win64/Aotera.3ed55e58`
Antiy-AVL	`Trojan/Win64.Aotera`
Arcabit	`Trojan.Giant.Midie.604`
CAT-QuickHeal	`cld.trojan.win64`
CTX	`exe.trojan.aotera`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Aotera.DV trojan`
Emsisoft	`Gen:Variant.Giant.Midie.604 (B)`
Fortinet	`W64/Aotera.BF!tr`
GData	`Gen:Variant.Giant.Midie.604`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Downloader.sa`
Ikarus	`Win32.Outbreak`
K7AntiVirus	`Trojan ( 006dbea21 )`
K7GW	`Trojan ( 006dbea21 )`
Kaspersky	`UDS:Trojan.Win64.Generic`
Kingsoft	`Win64.Trojan.Generic.a`
Lionic	`Trojan.Win32.Adload.tt1X`
Malwarebytes	`Malware.AI.401317728`
MaxSecure	`Trojan.Malware.326164669.susgen`
McAfeeD	`ti!5EA579E8FA69`
MicroWorld-eScan	`Gen:Variant.Giant.Midie.604`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Aotera!8.1D79F (CLOUD)`
Sangfor	`Trojan.Win64.Aotera.Vnvx`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win64.Trojan.Generic.Jajl`
TrendMicro	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
TrendMicro-HouseCall	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
VIPRE	`Gen:Variant.Giant.Midie.604`
Varist	`W64/Kryptik.NZT.gen!Eldorado`
VirIT	`Trojan.Win32.NSISGenT.AGOS`
alibabacloud	`Trojan:Win/Aotera.DY`
\| 22:23 \| [3ef977021623…](https://bazaar.abuse.ch/sample/3ef977021623a2699154204ca9e45d33d6c82b41d702f04254abfe21d268d98b/)	`elf`
\| 22:17 \| [65c071651912…](https://bazaar.abuse.ch/sample/65c071651912721813fb80153a9a662de6212aedb6a120d8a2275d2092347aa1/)	`elf`
\| 22:11 \| [6eeb60e728d5…](https://bazaar.abuse.ch/sample/6eeb60e728d5f48609de671f8bc6f1498674422eb571b8e53b5fd1172c79301e/)	`elf`
\| 22:11 \| [af4029c076c7…](https://bazaar.abuse.ch/sample/af4029c076c70e16d60cc07d811487c62168190f4a0934e8f098be2965812a9a/)	`elf`
\| 22:08 \| [38c20c35dbb0…](https://bazaar.abuse.ch/sample/38c20c35dbb057ce3b8b0f7d05af60d37176158339ca31caae044e0723ac0fe5/)	`elf`

MITRE ATT&CK Taktiken

Mirai: 13 Samples
ValleyRAT: 2 Samples
EternalRocks: 1 Samples
OffLoader: 1 Samples
Loader: 2 Samples
RAT: 1 Samples
Trojaner: 1 Samples
Initial Access: 13 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 20:37 UTC – 18 neue Samples – 6 kritisch – unbekannt

Sat, 04 Apr 2026 20:37:00 +0000

Stand: 04.04.2026 20:37 UTC

Neue Samples dieser Session: 18

Risiko-Verteilung

🔴 Kritisch: 6
🟠 Hoch: 1
🟡 Mittel: 10
🟢 Niedrig: 2

Höchster Score: 83.7/100 (4db115d6aec8de66…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

9714272c145f2756b257…

Erkannt: 8/76 (10.5%) – Generic.LNK.SSHDropper.A.F28EC0A5

Erkennende Engines (8):

Engine	Name
\| ALYac	`Generic.LNK.SSHDropper.A.F28EC0A5`
Arcabit	`Generic.LNK.SSHDropper.A.F28EC0A5`
BitDefender 🛡️	`Generic.LNK.SSHDropper.A.F28EC0A5`
Emsisoft	`Generic.LNK.SSHDropper.A.F28EC0A5 (B)`
Fortinet	`LNK/SSHDropper.1639!tr`
GData	`Generic.LNK.SSHDropper.A.F28EC0A5`
MicroWorld-eScan	`Generic.LNK.SSHDropper.A.F28EC0A5`
VIPRE	`Generic.LNK.SSHDropper.A.F28EC0A5`

76dece1465d0598b533b…

Erkannt: 3/76 (4.0%) – Trojan:Script/Wacatac.B!ml

Erkennende Engines (3):

Engine	Name
\| Antiy-AVL	`Trojan/Linux.Mirai`
Microsoft 🛡️	`Trojan:Script/Wacatac.B!ml`
SentinelOne	`Static AI - Suspicious ELF`

b5edb9fc654b260661c8…

Erkannt: 2/76 (2.6%) – Trojan/Linux.Multiverze

Erkennende Engines (2):

Engine	Name
\| Antiy-AVL	`Trojan/Linux.Multiverze`
Microsoft 🛡️	`Trojan:Script/Wacatac.B!ml`

4db115d6aec8de6663fb…

Erkannt: 1/76 (1.3%) – Trojan/Linux.Multiverze

Erkennende Engines (1):

Engine	Name
\| Antiy-AVL	`Trojan/Linux.Multiverze`

5ea579e8fa695b2312ed…

Erkannt: 40/76 (52.6%) – Gen:Variant.Giant.Midie.604

Erkennende Engines (45):

Engine	Name
\| ALYac	`Gen:Variant.Giant.Midie.604`
APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Injector.X2247`
Alibaba	`Trojan:Win64/Aotera.3ed55e58`
Antiy-AVL	`Trojan/Win64.Aotera`
Arcabit	`Trojan.Giant.Midie.604`
CAT-QuickHeal	`cld.trojan.win64`
CTX	`exe.trojan.aotera`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Aotera.DV trojan`
Emsisoft	`Gen:Variant.Giant.Midie.604 (B)`
Fortinet	`W64/Aotera.BF!tr`
GData	`Gen:Variant.Giant.Midie.604`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Downloader.sa`
Ikarus	`Win32.Outbreak`
K7AntiVirus	`Trojan ( 006dbea21 )`
K7GW	`Trojan ( 006dbea21 )`
Kaspersky	`UDS:Trojan.Win64.Generic`
Kingsoft	`Win64.Trojan.Generic.a`
Lionic	`Trojan.Win32.Adload.tt1X`
Malwarebytes	`Malware.AI.401317728`
MaxSecure	`Trojan.Malware.326164669.susgen`
McAfeeD	`ti!5EA579E8FA69`
MicroWorld-eScan	`Gen:Variant.Giant.Midie.604`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Aotera!8.1D79F (CLOUD)`
Sangfor	`Trojan.Win64.Aotera.Vnvx`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win64.Trojan.Generic.Jajl`
TrendMicro	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
TrendMicro-HouseCall	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
VIPRE	`Gen:Variant.Giant.Midie.604`
Varist	`W64/Kryptik.NZT.gen!Eldorado`
VirIT	`Trojan.Win32.NSISGenT.AGOS`
alibabacloud	`Trojan:Win/Aotera.DY`
\| 20:29 \| [20af30120452…](https://bazaar.abuse.ch/sample/20af3012045290cdced79c306e1fb8d5eac82a09a3771a4552f492ad4fa125ad/)	`exe`
\| 20:23 \| [9714272c145f…](https://bazaar.abuse.ch/sample/9714272c145f2756b257ebe574a7d84f1ae476897ed42cae28d31ee4f4354dae/)	`lnk`
\| 19:39 \| [07f2d8f3a9c9…](https://bazaar.abuse.ch/sample/07f2d8f3a9c9430d91620d6a8b83c20dc9d020f00b7066b3ff9bd0fec20b7c2d/)	`rar`
\| 19:34 \| [2e559516fb2f…](https://bazaar.abuse.ch/sample/2e559516fb2fd1edb2b3f9d32c44c6f32dbfe1aa21f6c201430b210cb123bc9c/)	`rar`
\| 19:34 \| [501e35f1600c…](https://bazaar.abuse.ch/sample/501e35f1600ce0548226c9957eed76f5f04cb2e1dbfd4f3fb8652009b38e8c9f/)	`apk`

MITRE ATT&CK Taktiken

Multiverze: 2 Samples
LNK: 1 Samples
SalatStealer: 1 Samples
ValleyRAT: 1 Samples
Trojaner: 4 Samples
Loader: 2 Samples
Maldoc: 1 Samples
Infostealer: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 18:50 UTC – 35 neue Samples – 9 kritisch – unbekannt

Sat, 04 Apr 2026 18:50:00 +0000

Stand: 04.04.2026 18:50 UTC

Neue Samples dieser Session: 35

Risiko-Verteilung

🔴 Kritisch: 9
🟠 Hoch: 3
🟡 Mittel: 11
🟢 Niedrig: 13

Höchster Score: 88.6/100 (aa8b48023efb7fcf…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

c12c26d5611a06a9ba3a…

Erkannt: 3/76 (4.0%) – Trojan/Generic!811F6EDAD7C32DB4

Erkennende Engines (3):

Engine	Name
\| Kaspersky	`HEUR:Trojan.BAT.Cobalt.gen`
Tencent	`Bat.Trojan.Cobalt.Vylw`
huorong	`Trojan/Generic!811F6EDAD7C32DB4`

7dbbb6d6db35b86cb6d0…

Erkannt: 49/76 (64.5%) – Trojan.GenericKDZ.116601

Erkennende Engines (49):

Engine	Name
\| ALYac	`Trojan.GenericKDZ.116601`
AVG	`Win32:SalatStealer-A [Pws]`
AhnLab-V3	`Trojan/Win.Generic.R727379`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avast	`Win32:SalatStealer-A [Pws]`
Avira	`TR/AVI.SalatStealer.hpdnc`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.hpdnc`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`Trojan-Banker.Win32.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vby0`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`BehavesLike.Win32.Trojan.wh`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrellixENS	`Artemis!4063918306F5`
TrendMicro	`TrojanSpy.Win32.SALATSTEALER.YXGCUZ`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`

49f7c39a65dd92b1d4e2…

Erkannt: 1/76 (1.3%) – not-a-virus:UDS:RiskTool.Linux.Miner

Erkennende Engines (1):

Engine	Name
\| Kaspersky	`not-a-virus:UDS:RiskTool.Linux.Miner`

b2ab21ed0fddcdc85489…

Erkannt: 4/76 (5.3%) – Trojan/Linux.Agent.dr

Erkennende Engines (4):

Engine	Name
\| ESET-NOD32	`Linux/Packed.Obfuscated.B suspicious application`
Microsoft 🛡️	`Trojan:Script/Wacatac.B!ml`
SentinelOne	`Static AI - Suspicious ELF`
huorong	`Trojan/Linux.Agent.dr`

5ea579e8fa695b2312ed…

Erkannt: 40/76 (52.6%) – Gen:Variant.Giant.Midie.604

Erkennende Engines (45):

Engine	Name
\| ALYac	`Gen:Variant.Giant.Midie.604`
APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Injector.X2247`
Alibaba	`Trojan:Win64/Aotera.3ed55e58`
Antiy-AVL	`Trojan/Win64.Aotera`
Arcabit	`Trojan.Giant.Midie.604`
CAT-QuickHeal	`cld.trojan.win64`
CTX	`exe.trojan.aotera`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Aotera.DV trojan`
Emsisoft	`Gen:Variant.Giant.Midie.604 (B)`
Fortinet	`W64/Aotera.BF!tr`
GData	`Gen:Variant.Giant.Midie.604`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Downloader.sa`
Ikarus	`Win32.Outbreak`
K7AntiVirus	`Trojan ( 006dbea21 )`
K7GW	`Trojan ( 006dbea21 )`
Kaspersky	`UDS:Trojan.Win64.Generic`
Kingsoft	`Win64.Trojan.Generic.a`
Lionic	`Trojan.Win32.Adload.tt1X`
Malwarebytes	`Malware.AI.401317728`
MaxSecure	`Trojan.Malware.326164669.susgen`
McAfeeD	`ti!5EA579E8FA69`
MicroWorld-eScan	`Gen:Variant.Giant.Midie.604`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Aotera!8.1D79F (CLOUD)`
Sangfor	`Trojan.Win64.Aotera.Vnvx`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win64.Trojan.Generic.Jajl`
TrendMicro	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
TrendMicro-HouseCall	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
VIPRE	`Gen:Variant.Giant.Midie.604`
Varist	`W64/Kryptik.NZT.gen!Eldorado`
VirIT	`Trojan.Win32.NSISGenT.AGOS`
alibabacloud	`Trojan:Win/Aotera.DY`
\| 18:46 \| [ec517c9ec8f6…](https://bazaar.abuse.ch/sample/ec517c9ec8f6a6845ffe8ca9825bc31b2fe5719b2df0301fd016236f0048d01e/)	`7z`
\| 18:34 \| [18ea4970eac7…](https://bazaar.abuse.ch/sample/18ea4970eac7cc6539d211acd268c01903c5c999b2fb3381a364fd17fdb3efa9/)	`msi`
\| 18:20 \| [c12c26d5611a…](https://bazaar.abuse.ch/sample/c12c26d5611a06a9ba3a146fa96adadef4e520f28a8e3793837bf9e82ae0f4b9/)	`bat`
\| 18:13 \| [457998ade649…](https://bazaar.abuse.ch/sample/457998ade649c3d1b893cf5022bde0fdfb403e2db2649a2f198f8860746b5c66/)	`exe`
\| 18:03 \| [7dbbb6d6db35…](https://bazaar.abuse.ch/sample/7dbbb6d6db35b86cb6d0667396ad594433a2fc2bc040ba23341c300c9139353f/)	`exe`

MITRE ATT&CK Taktiken

EternalRocks: 2 Samples
SalatStealer: 2 Samples
Mirai: 2 Samples
NetSupport: 1 Samples
RustyStealer: 1 Samples
Linux: 1 Samples
Agent: 1 Samples
DeerStealer: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 16:40 UTC – 26 neue Samples – 7 kritisch – unbekannt

Sat, 04 Apr 2026 16:40:00 +0000

Stand: 04.04.2026 16:40 UTC

Neue Samples dieser Session: 26

Risiko-Verteilung

🔴 Kritisch: 7
🟠 Hoch: 3
🟡 Mittel: 9
🟢 Niedrig: 8

Höchster Score: 89.6/100 (fce1b5b74ad27801…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

fce1b5b74ad27801a11d…

Erkannt: 8/76 (10.5%) – MalwareX-gen [Misc]

Erkennende Engines (8):

Engine	Name
\| AVG	`MalwareX-gen [Misc]`
Avast	`MalwareX-gen [Misc]`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
Elastic	`malicious (high confidence)`
Lionic	`Trojan.Win32.NetSupport.4!c`
McAfeeD	`ti!FCE1B5B74AD2`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`

d884d04d69dc1081819b…

Erkannt: 14/76 (18.4%) – W64.AIDetectMalware

Erkennende Engines (14):

Engine	Name
\| APEX	`Malicious`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Injector.AIN trojan`
Elastic	`malicious (high confidence)`
Kaspersky	`HEUR:Trojan.Win32.Agentb.gen`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`ti!D884D04D69DC`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Symantec	`ML.Attribute.HighConfidence`
Trapmine	`suspicious.low.ml.score`

853b1386c9bfe386a49d…

Erkannt: 3/76 (4.0%) – Linux/Packed.Obfuscated.B suspicious application

Erkennende Engines (3):

Engine	Name
\| ESET-NOD32	`Linux/Packed.Obfuscated.B suspicious application`
Microsoft 🛡️	`Trojan:Script/Wacatac.B!ml`
huorong	`Trojan/Linux.Agent.dr`

5ea579e8fa695b2312ed…

Erkannt: 40/76 (52.6%) – Gen:Variant.Giant.Midie.604

Erkennende Engines (45):

Engine	Name
\| ALYac	`Gen:Variant.Giant.Midie.604`
APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Injector.X2247`
Alibaba	`Trojan:Win64/Aotera.3ed55e58`
Antiy-AVL	`Trojan/Win64.Aotera`
Arcabit	`Trojan.Giant.Midie.604`
CAT-QuickHeal	`cld.trojan.win64`
CTX	`exe.trojan.aotera`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Aotera.DV trojan`
Emsisoft	`Gen:Variant.Giant.Midie.604 (B)`
Fortinet	`W64/Aotera.BF!tr`
GData	`Gen:Variant.Giant.Midie.604`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Downloader.sa`
Ikarus	`Win32.Outbreak`
K7AntiVirus	`Trojan ( 006dbea21 )`
K7GW	`Trojan ( 006dbea21 )`
Kaspersky	`UDS:Trojan.Win64.Generic`
Kingsoft	`Win64.Trojan.Generic.a`
Lionic	`Trojan.Win32.Adload.tt1X`
Malwarebytes	`Malware.AI.401317728`
MaxSecure	`Trojan.Malware.326164669.susgen`
McAfeeD	`ti!5EA579E8FA69`
MicroWorld-eScan	`Gen:Variant.Giant.Midie.604`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Aotera!8.1D79F (CLOUD)`
Sangfor	`Trojan.Win64.Aotera.Vnvx`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win64.Trojan.Generic.Jajl`
TrendMicro	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
TrendMicro-HouseCall	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
VIPRE	`Gen:Variant.Giant.Midie.604`
Varist	`W64/Kryptik.NZT.gen!Eldorado`
VirIT	`Trojan.Win32.NSISGenT.AGOS`
alibabacloud	`Trojan:Win/Aotera.DY`
\| 16:35 \| [5be8608d1d61…](https://bazaar.abuse.ch/sample/5be8608d1d61f478405b17fdd5a0f16da5acc92cba92a6c4eeedbe87954e7f3c/)	`exe`
\| 16:26 \| [bfd8383d7a4e…](https://bazaar.abuse.ch/sample/bfd8383d7a4e25a23a5a598aef98a09d3f92ed6535a4fe7885f3749a6a8751e1/)	`elf`
\| 16:23 \| [fce1b5b74ad2…](https://bazaar.abuse.ch/sample/fce1b5b74ad27801a11d36f24c805a36ce16f7a8c280b339624f9548eed49ac5/)	`exe`
\| 16:16 \| [9b83791bba1a…](https://bazaar.abuse.ch/sample/9b83791bba1a2384a3f49d4c3abd96debfc2bced8a1fd7456810befd48b1dbfe/)	`exe`
\| 16:10 \| [08307c3ec55d…](https://bazaar.abuse.ch/sample/08307c3ec55d592e95e83bdd6a358aac7ce6b2094d8925225524dfac6fd79e65/)	`elf`

MITRE ATT&CK Taktiken

ValleyRAT: 2 Samples
NetSupport: 1 Samples
AIDetectMalware: 1 Samples
Obfuscated: 1 Samples
Smoke Loader: 1 Samples
RodexRMM: 1 Samples
DeerStealer: 1 Samples
Loader: 4 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 14:37 UTC – 4 neue Samples – 3 kritisch – BV:Downloader-AEH [Drp]

Sat, 04 Apr 2026 14:37:00 +0000

Stand: 04.04.2026 14:37 UTC

Neue Samples dieser Session: 4

Risiko-Verteilung

🔴 Kritisch: 3
🟠 Hoch: 2
🟡 Mittel: 0
🟢 Niedrig: 0

Höchster Score: 76.3/100 (0d74b62b5c4ac836…)

Häufigste Familie: BV:Downloader-AEH [Drp]

Häufigster Typ: ?

VirusTotal-Ergebnisse

219d879522b3cfc498ab…

Erkannt: 10/76 (13.2%) – BV:Downloader-AEH [Drp]

Erkennende Engines (10):

Engine	Name
\| AVG	`BV:Downloader-AEH [Drp]`
Avast	`BV:Downloader-AEH [Drp]`
Cynet	`Malicious (score: 99)`
ESET-NOD32	`Linux/TrojanDownloader.SH.CZF trojan`
Google	`Detected`
Ikarus	`Trojan.Linux.Coinminer`
Microsoft 🛡️	`Trojan:Script/Wacatac.C!ml`
Rising	`Downloader.Agent/BASH!9.4C9F3 (XSE:WFNFX0JBVDr+Ztq6WkJFYuuR4x6jitGJ)`
Tencent	`Win32.Trojan.Bash.Dtgl`
huorong	`TrojanDownloader/Linux.Agent.dp`

419310523f9ed7393e7f…

Erkannt: 18/76 (23.7%) – Gen:Variant.Tedy.878103

Erkennende Engines (18):

Engine	Name
\| ALYac	`Gen:Variant.Tedy.878103`
AhnLab-V3	`Infostealer/Win.SantaStealer.R761920`
Arcabit	`Trojan.Tedy.DD6617`
BitDefender 🛡️	`Gen:Variant.Tedy.878103`
CTX	`exe.unknown.tedy`
CrowdStrike	`win/malicious_confidence_70% (D)`
ESET-NOD32	`Win64/GenKryptik.HPYU trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Tedy.878103 (B)`
GData	`Gen:Variant.Tedy.878103`
Google	`Detected`
Kaspersky	`VHO:Trojan-PSW.Win32.Stealer.gen`
MicroWorld-eScan	`Gen:Variant.Tedy.878103`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
SentinelOne	`Static AI - Malicious PE`
Trapmine	`malicious.moderate.ml.score`
VIPRE	`Gen:Variant.Tedy.878103`
Varist	`W64/Agent.LWY.gen!Eldorado`

0d74b62b5c4ac836cc07…

Erkannt: 14/76 (18.4%) – W64.AIDetectMalware

Erkennende Engines (14):

Engine	Name
\| APEX	`Malicious`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_90% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
Elastic	`malicious (high confidence)`
Google	`Detected`
Gridinsoft	`Trojan.Win64.Agent.oa!s1`
Ikarus	`Trojan.Win64.Cab`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Sangfor	`Trojan.Win32.Save.a`
Symantec	`ML.Attribute.HighConfidence`
Yandex	`Backdoor.Agent!ifo2QKtnwQ0`

f10b6634e99ff37ec83b…

Erkannt: 54/76 (71.0%) – Gen:Variant.Application.msilheracles.2895

Erkennende Engines (54):

Engine	Name
\| ALYac	`Gen:Variant.Application.msilheracles.2895`
APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Drp]`
AhnLab-V3	`Malware/Win32.RL_Generic.C3558490`
Antiy-AVL	`Trojan[Backdoor]/MSIL.Crysan`
Arcabit	`Trojan.Application.msilheracles.DB4F`
Avast	`Win32:MalwareX-gen [Drp]`
Avira	`HEUR/AGEN.1307404`
BitDefender 🛡️	`Gen:Variant.Application.msilheracles.2895`
Bkav	`W32.AIDetectMalware.CS`
CAT-QuickHeal	`Trojan.IgenericFC.S14890850`
CTX	`exe.unknown.msilheracles`
ClamAV	`Win.Packed.Razy-9625918-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.Siggen9.56514`
ESET-NOD32	`MSIL/AsyncRAT.A trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Application.msilheracles.2895 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1307404`
Fortinet	`MSIL/AsyncRAT.A!tr`
GData	`MSIL.Trojan.PSE.16I8278`
Google	`Detected`
Ikarus	`Trojan.MSIL.AsyncRAT`
Jiangmin	`Backdoor.MSIL.gguk`
K7AntiVirus	`Trojan ( 005678321 )`
K7GW	`Trojan ( 005678321 )`
Kaspersky	`HEUR:Backdoor.MSIL.Crysan.gen`
Kingsoft	`MSIL.Backdoor.Crysan.gen`
Lionic	`Trojan.Win32.AsyncRat.4!c`
Malwarebytes	`Generic.Trojan.MSIL.DDS`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Real Protect-LS!06CC24D1E0C1`
MicroWorld-eScan	`Gen:Variant.Application.msilheracles.2895`
Microsoft 🛡️	`Backdoor:MSIL/AsyncRat.AD!MTB`
Rising	`Trojan.AntiVM!1.CF63 (CLASSIC)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`Fareit-FZT!06CC24D1E0C1`
Sophos	`Troj/AsyncRat-B`
Symantec	`Backdoor.ASync!g2`
Tencent	`Trojan.Msil.Agent.zap`
Trapmine	`suspicious.low.ml.score`
TrellixENS	`Fareit-FZT!06CC24D1E0C1`
TrendMicro	`Backdoor.MSIL.ASYNCRAT.SMXSR`
TrendMicro-HouseCall	`Backdoor.MSIL.ASYNCRAT.SMXSR`
VBA32	`OScope.Backdoor.MSIL.Crysan`
VIPRE	`Gen:Variant.Application.msilheracles.2895`
Varist	`W32/Samas.B.gen!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.A`
ZoneAlarm	`Troj/AsyncRat-B`
Zoner	`Trojan.Win32.112250`
huorong	`Backdoor/Crysan.a`

5ea579e8fa695b2312ed…

Erkannt: 40/76 (52.6%) – Gen:Variant.Giant.Midie.604

Erkennende Engines (45):

Engine	Name
\| ALYac	`Gen:Variant.Giant.Midie.604`
APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Injector.X2247`
Alibaba	`Trojan:Win64/Aotera.3ed55e58`
Antiy-AVL	`Trojan/Win64.Aotera`
Arcabit	`Trojan.Giant.Midie.604`
CAT-QuickHeal	`cld.trojan.win64`
CTX	`exe.trojan.aotera`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Aotera.DV trojan`
Emsisoft	`Gen:Variant.Giant.Midie.604 (B)`
Fortinet	`W64/Aotera.BF!tr`
GData	`Gen:Variant.Giant.Midie.604`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Downloader.sa`
Ikarus	`Win32.Outbreak`
K7AntiVirus	`Trojan ( 006dbea21 )`
K7GW	`Trojan ( 006dbea21 )`
Kaspersky	`UDS:Trojan.Win64.Generic`
Kingsoft	`Win64.Trojan.Generic.a`
Lionic	`Trojan.Win32.Adload.tt1X`
Malwarebytes	`Malware.AI.401317728`
MaxSecure	`Trojan.Malware.326164669.susgen`
McAfeeD	`ti!5EA579E8FA69`
MicroWorld-eScan	`Gen:Variant.Giant.Midie.604`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Aotera!8.1D79F (CLOUD)`
Sangfor	`Trojan.Win64.Aotera.Vnvx`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win64.Trojan.Generic.Jajl`
TrendMicro	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
TrendMicro-HouseCall	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
VIPRE	`Gen:Variant.Giant.Midie.604`
Varist	`W64/Kryptik.NZT.gen!Eldorado`
VirIT	`Trojan.Win32.NSISGenT.AGOS`
alibabacloud	`Trojan:Win/Aotera.DY`
\| 14:34 \| [219d879522b3…](https://bazaar.abuse.ch/sample/219d879522b3cfc498ab3e2597dcce3b96c41e7f4154fa0205922f1f283f71d3/)	`sh`
\| 13:41 \| [419310523f9e…](https://bazaar.abuse.ch/sample/419310523f9ed7393e7fee0204c7f5ecccf3082ce0c7c16e03bd7ba235bcb62e/)	`exe`
\| 13:21 \| [0d74b62b5c4a…](https://bazaar.abuse.ch/sample/0d74b62b5c4ac836cc07493880d5be80e7f61443e4cc13d209ebb8932342c74c/)	`exe`
\| 13:10 \| [f10b6634e99f…](https://bazaar.abuse.ch/sample/f10b6634e99ff37ec83b9fecbc7cee089c1c82999eff9a6dc4519071e38f8000/)	`exe`
\| 08:50 \| ⭐ [5ea579e8fa69…](https://bazaar.abuse.ch/sample/5ea579e8fa695b2312ed199ff228784e4be3a8f3319afa18c40955f926336057/)	`exe`

MITRE ATT&CK Taktiken

Tedy: 1 Samples
AIDetectMalware: 1 Samples
AsyncRAT: 1 Samples
ValleyRAT: 1 Samples
Loader: 3 Samples
RAT: 1 Samples
Trojaner: 1 Samples
Execution: 3 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 13:04 UTC – 26 neue Samples – 12 kritisch – unbekannt

Sat, 04 Apr 2026 13:04:00 +0000

Stand: 04.04.2026 13:04 UTC

Neue Samples dieser Session: 26

Risiko-Verteilung

🔴 Kritisch: 12
🟠 Hoch: 3
🟡 Mittel: 9
🟢 Niedrig: 3

Höchster Score: 89.7/100 (02d2ea8fbfdabfd5…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

c5d959e0fa47a9321072…

Erkannt: 6/76 (7.9%) – BV:Downloader-AEH [Drp]

Erkennende Engines (6):

Engine	Name
\| AVG	`BV:Downloader-AEH [Drp]`
Avast	`BV:Downloader-AEH [Drp]`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.DownLoader.2243`
Kaspersky	`HEUR:Trojan-Downloader.Shell.Agent.p`
Tencent	`Win32.Trojan-Downloader.Agent.Zylw`

ffad344a1fccb6dfd401…

Erkannt: 38/76 (50.0%) – Trojan.GenericKD.76951191

Erkennende Engines (38):

Engine	Name
\| ALYac	`Trojan.GenericKD.76951191`
AVG	`Win64:MalwareX-gen [Misc]`
AhnLab-V3	`Trojan/Win.ShellcodeRunner.C5783186`
Alibaba	`Trojan:Win64/ShellcodeRunner.ca8eb975`
Arcabit	`Trojan.Generic.D4962E97`
Avast	`Win64:MalwareX-gen [Misc]`
Avira	`TR/AVI.Agent.uotgb`
BitDefender 🛡️	`Trojan.GenericKD.76951191`
Bkav	`W32.Common.FC4D4DEC`
CAT-QuickHeal	`Trojan.Shellcoderunner`
CTX	`exe.trojan.agen`
Cylance	`Unsafe`
ESET-NOD32	`a variant of Win64/Agent_AGen.FPO`
Emsisoft	`Trojan.GenericKD.76951191 (B)`
F-Secure	`Trojan.TR/AVI.Agent.uotgb`
Fortinet	`W64/Agent_AGen.FPO!tr`
GData	`Win32.Trojan-Stealer.Cordimik.D7MR1I@gen`
Google	`Detected`
Gridinsoft	`Trojan.Win64.Agent.sa`
Ikarus	`W64.Infector`
K7AntiVirus	`Trojan ( 005cb1f01 )`
K7GW	`Trojan ( 005cb1f01 )`
Kingsoft	`Win64.Troj.shellcoderun.v`
Lionic	`Trojan.Win32.ShellcodeRunner.4!c`
MaxSecure	`Trojan.Malware.406486664.susgen`
McAfeeD	`ti!FFAD344A1FCC`
MicroWorld-eScan	`Trojan.GenericKD.76951191`
Microsoft 🛡️	`Trojan:Win64/ShellcodeRunner.KAD!MTB`
Panda	`Trj/GdSda.A`
Skyhigh	`BehavesLike.Win64.Worm.th`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Win32.Trojan.Avi.Cgow`
TrellixENS	`Artemis!7BBE877115F9`
TrendMicro	`TROJ_GEN.R002C0DGU25`
TrendMicro-HouseCall	`TROJ_GEN.R002C0DGU25`
VIPRE	`Trojan.GenericKD.76951191`
alibabacloud	`Trojan:Win/ShellcodeRunner.KM#2XJC`

f542250ae5dc2639d556…

Erkannt: 5/76 (6.6%) – Trojan.ELF.Mirai.4!c

Erkennende Engines (5):

Engine	Name
\| ESET-NOD32	`Linux/TrojanDownloader.Agent.VI trojan`
Kaspersky	`HEUR:Trojan-Downloader.Linux.Mirai.d`
Lionic	`Trojan.ELF.Mirai.4!c`
Rising	`Downloader.Mirai/Linux!8.13556 (CLOUD)`
Tencent	`Linux.Trojan-Downloader.Oader.Ncnw`

9cd3d39d9d9a8a5e10ee…

Erkannt: 27/76 (35.5%) – Trojan.GenericKD.76964091

Erkennende Engines (27):

Engine	Name
\| ALYac	`Trojan.GenericKD.76964091`
AVG	`Script:SNH-gen [Drp]`
Antiy-AVL	`Trojan/VBS.SAgent`
Arcabit	`Trojan.Generic.D49660FB`
Avast	`Script:SNH-gen [Drp]`
BitDefender 🛡️	`Trojan.GenericKD.76964091`
CTX	`vba.trojan.generic`
Cynet	`Malicious (score: 99)`
ESET-NOD32	`VBS/TrojanDownloader.Agent.ACGY trojan`
Emsisoft	`Trojan.GenericKD.76964091 (B)`
GData	`Trojan.GenericKD.76964091`
Google	`Detected`
Ikarus	`Trojan-Downloader.VBS.Agent`
Kaspersky	`HEUR:Trojan.VBS.SAgent.gen`
Lionic	`Trojan.Script.SAgent.4!c`
MicroWorld-eScan	`Trojan.GenericKD.76964091`
Microsoft 🛡️	`Trojan:Script/Wacatac.B!ml`
NANO-Antivirus	`Trojan.Script.Vbs-heuristic.druvzi`
Skyhigh	`BehavesLike.VBS.Dropper.zp`
Symantec	`ISB.Downloader!gen60`
Tencent	`Vbs.Trojan-Downloader.Der.Rnkl`
TrendMicro	`HEUR_VBS.DL1`
TrendMicro-HouseCall	`HEUR_VBS.DL1`
VIPRE	`Trojan.GenericKD.76964091`
Varist	`ABApplication.XO`
Yandex	`HTML.Psyme.Gen`
alibabacloud	`Trojan[downloader]:Win/Wacatac.B9nj`

5ea579e8fa695b2312ed…

Erkannt: 40/76 (52.6%) – Gen:Variant.Giant.Midie.604

Erkennende Engines (45):

Engine	Name
\| ALYac	`Gen:Variant.Giant.Midie.604`
APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Injector.X2247`
Alibaba	`Trojan:Win64/Aotera.3ed55e58`
Antiy-AVL	`Trojan/Win64.Aotera`
Arcabit	`Trojan.Giant.Midie.604`
CAT-QuickHeal	`cld.trojan.win64`
CTX	`exe.trojan.aotera`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Aotera.DV trojan`
Emsisoft	`Gen:Variant.Giant.Midie.604 (B)`
Fortinet	`W64/Aotera.BF!tr`
GData	`Gen:Variant.Giant.Midie.604`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Downloader.sa`
Ikarus	`Win32.Outbreak`
K7AntiVirus	`Trojan ( 006dbea21 )`
K7GW	`Trojan ( 006dbea21 )`
Kaspersky	`UDS:Trojan.Win64.Generic`
Kingsoft	`Win64.Trojan.Generic.a`
Lionic	`Trojan.Win32.Adload.tt1X`
Malwarebytes	`Malware.AI.401317728`
MaxSecure	`Trojan.Malware.326164669.susgen`
McAfeeD	`ti!5EA579E8FA69`
MicroWorld-eScan	`Gen:Variant.Giant.Midie.604`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Aotera!8.1D79F (CLOUD)`
Sangfor	`Trojan.Win64.Aotera.Vnvx`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win64.Trojan.Generic.Jajl`
TrendMicro	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
TrendMicro-HouseCall	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
VIPRE	`Gen:Variant.Giant.Midie.604`
Varist	`W64/Kryptik.NZT.gen!Eldorado`
VirIT	`Trojan.Win32.NSISGenT.AGOS`
alibabacloud	`Trojan:Win/Aotera.DY`
\| 12:57 \| [3a79d959e2dd…](https://bazaar.abuse.ch/sample/3a79d959e2ddc581aef2ad155d2f599390f0cc63793db44c883b3c1efbabc216/)	`exe`
\| 12:50 \| [fea2040c75d4…](https://bazaar.abuse.ch/sample/fea2040c75d4947723e48547d773f8f20816f45fc3c2c789e893e3700705499c/)	`exe`
\| 12:46 \| [0d399c4818db…](https://bazaar.abuse.ch/sample/0d399c4818db396b7b05a90f80362b9bb0c7479db26605b1b0308513615eec46/)	`dll`
\| 12:46 \| [ccc65c122f83…](https://bazaar.abuse.ch/sample/ccc65c122f832c8a20c447c04452cbb8285da642e944d4b0cca96f739dcbe50f/)	`dll`
\| 11:58 \| [c5d959e0fa47…](https://bazaar.abuse.ch/sample/c5d959e0fa47a9321072cf5a3c36b2bd8110809ae973ae0cad0b6e510bc4cddd/)	`sh`

MITRE ATT&CK Taktiken

Mirai: 2 Samples
Vidar: 1 Samples
Hajime: 1 Samples
ValleyRAT: 1 Samples
Trojaner: 5 Samples
Infostealer: 4 Samples
Loader: 2 Samples
Backdoor: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 10:38 UTC – 17 neue Samples – 9 kritisch – unbekannt

Sat, 04 Apr 2026 10:38:00 +0000

Stand: 04.04.2026 10:38 UTC

Neue Samples dieser Session: 17

Risiko-Verteilung

🔴 Kritisch: 9
🟠 Hoch: 3
🟡 Mittel: 1
🟢 Niedrig: 5

Höchster Score: 84.0/100 (a9349d10ad9d1b16…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

a0c6f7821878044c49ad…

Erkannt: 14/76 (18.4%) – ELF:Agent-DMP [Trj]

Erkennende Engines (14):

Engine	Name
\| AVG	`ELF:Agent-DMP [Trj]`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast	`ELF:Agent-DMP [Trj]`
Avast-Mobile	`ELF:Agent-DMP [Trj]`
ClamAV	`Unix.Malware.Mirai-9942689-0`
Cynet	`Malicious (score: 99)`
ESET-NOD32	`Linux/Mirai.ESE trojan`
Elastic	`Linux.Generic.Threat`
Google	`Detected`
Kaspersky	`HEUR:Backdoor.Linux.Gafgyt.fj`
Microsoft 🛡️	`Backdoor:Linux/Mirai.HQ!MTB`
Rising	`Backdoor.Mirai/Linux!1.130E7 (CLASSIC)`
Varist	`E32/Mirai.EI.gen!Eldorado`
huorong	`Trojan/Linux.Mirai.hq`

b10309e698fa671081f8…

Erkannt: 7/76 (9.2%) – Linux/Mirai.ESE trojan

Erkennende Engines (7):

Engine	Name
\| Antiy-AVL	`Trojan/Linux.Mirai.b`
ESET-NOD32	`Linux/Mirai.ESE trojan`
Kaspersky	`HEUR:Backdoor.Linux.Gafgyt.fj`
Kingsoft	`Linux.Backdoor.Gafgyt.fj`
Microsoft 🛡️	`Backdoor:Linux/Mirai.HQ!MTB`
Rising	`Backdoor.Mirai/Linux!1.130E7 (CLASSIC)`
huorong	`Trojan/Linux.Mirai.hq`

a9349d10ad9d1b164273…

Erkannt: 10/76 (13.2%) – Backdoor.Linux.Mirai.V5hb

Erkennende Engines (10):

Engine	Name
\| Antiy-AVL	`Trojan/Linux.Mirai.b`
ESET-NOD32	`Linux/Mirai.ESE trojan`
Kaspersky	`HEUR:Backdoor.Linux.Gafgyt.fj`
Microsoft 🛡️	`Backdoor:Linux/Mirai.HQ!MTB`
Rising	`Backdoor.Mirai/Linux!1.130E7 (CLASSIC)`
Sangfor	`Backdoor.Linux.Mirai.V5hb`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Linux.Backdoor.Gafgyt.Lflw`
alibabacloud	`DDoS:Linux/Mirai.EBM`
huorong	`Trojan/Linux.Mirai.hq`

5ea579e8fa695b2312ed…

Erkannt: 40/76 (52.6%) – Gen:Variant.Giant.Midie.604

Erkennende Engines (40):

Engine	Name
\| ALYac	`Gen:Variant.Giant.Midie.604`
APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Injector.X2247`
Alibaba	`Trojan:Win64/Aotera.3ed55e58`
Antiy-AVL	`Trojan/Win64.Aotera`
Arcabit	`Trojan.Giant.Midie.604`
CAT-QuickHeal	`cld.trojan.win64`
CTX	`exe.trojan.aotera`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Aotera.DV trojan`
Emsisoft	`Gen:Variant.Giant.Midie.604 (B)`
Fortinet	`W64/Aotera.BF!tr`
GData	`Gen:Variant.Giant.Midie.604`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Downloader.sa`
Ikarus	`Win32.Outbreak`
K7AntiVirus	`Trojan ( 006dbea21 )`
K7GW	`Trojan ( 006dbea21 )`
Kaspersky	`UDS:Trojan.Win64.Generic`
Kingsoft	`Win64.Trojan.Generic.a`
Lionic	`Trojan.Win32.Adload.tt1X`
Malwarebytes	`Malware.AI.401317728`
MaxSecure	`Trojan.Malware.326164669.susgen`
McAfeeD	`ti!5EA579E8FA69`
MicroWorld-eScan	`Gen:Variant.Giant.Midie.604`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Aotera!8.1D79F (CLOUD)`
Sangfor	`Trojan.Win64.Aotera.Vnvx`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win64.Trojan.Generic.Jajl`
TrendMicro	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
TrendMicro-HouseCall	`Backdoor.Win32.VALLEYRAT.YXGDAZ`
VIPRE	`Gen:Variant.Giant.Midie.604`
Varist	`W64/Kryptik.NZT.gen!Eldorado`
VirIT	`Trojan.Win32.NSISGenT.AGOS`
alibabacloud	`Trojan:Win/Aotera.DY`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 10:34 \| [25a1b1d9a240…](https://bazaar.abuse.ch/sample/25a1b1d9a2404cb7e132c043489179d89bd42f9e35f67212bd709b9fd959731a/)	`unknown`
\| 10:24 \| [32542eec43dd…](https://bazaar.abuse.ch/sample/32542eec43dd802dec908b702509f3d629e3416fc044f6d5f6d2f1c61bb1073a/)	`unknown`
\| 10:15 \| [872912511463…](https://bazaar.abuse.ch/sample/8729125114636fdb986658b346d8ba5c4f6307d0bfdcfef5b8d1ff8b534f750f/)	`gz`
\| 10:14 \| [28a7249517d9…](https://bazaar.abuse.ch/sample/28a7249517d9a0a44bf654b42a089ec18249b6536f5e069a40c698f8b1c3a0d8/)	`gz`
\| 10:04 \| [02f3bc1a2b0f…](https://bazaar.abuse.ch/sample/02f3bc1a2b0fd4b7fe9c908a65af197a8d7d726b2d139ad29f9de7da3f213eb9/)	`unknown`

MITRE ATT&CK Taktiken

ValleyRAT: 2 Samples
Mirai: 2 Samples
ESE trojan: 1 Samples
SalatStealer: 1 Samples
Infostealer: 3 Samples
RAT: 3 Samples
Worm: 1 Samples
Trojaner: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 08:47 UTC – 24 neue Samples – 18 kritisch – Mirai

Sat, 04 Apr 2026 08:47:00 +0000

Stand: 04.04.2026 08:47 UTC

Neue Samples dieser Session: 24

Risiko-Verteilung

🔴 Kritisch: 18
🟠 Hoch: 3
🟡 Mittel: 0
🟢 Niedrig: 4

Höchster Score: 89.2/100 (26f9bb2c2450b7b1…)

Häufigste Familie: Mirai

Häufigster Typ: ?

VirusTotal-Ergebnisse

ed0c51acaa0b2c1bac72…

Erkannt: 21/76 (27.6%) – W64.AIDetectMalware

Erkennende Engines (21):

Engine	Name
\| APEX	`Malicious`
Antiy-AVL	`Trojan[Packed]/Win64.VMProtect`
Avira	`HEUR/AGEN.1379242`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
ESET-NOD32	`Win32/Packed.VMProtect.ACI trojan`
Elastic	`malicious (high confidence)`
F-Secure	`Heuristic.HEUR/AGEN.1379242`
Gridinsoft	`Trojan.Heur!.022120A3`
Kingsoft	`malware.kb.b.998`
Malwarebytes	`Trojan.Packed`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`Real Protect-LS!09B99361A9CE`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Rising	`Trojan.Miner!8.EA1 (TFE:5:9RmvBkWOb3U)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Suspicious PE`
Symantec	`ML.Attribute.HighConfidence`
Trapmine	`suspicious.low.ml.score`

dadefff56e6dddb606d8…

Erkannt: 42/76 (55.3%) – Trojan.Linux.Mirai.7

Erkennende Engines (42):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.7`
AVG	`ELF:Agent-AYQ [Trj]`
AhnLab-V3	`Linux/Mirai07.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.7`
Avast	`ELF:Agent-AYQ [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`EXP/ELF.Gafgyt.D`
BitDefender 🛡️	`Trojan.Linux.Mirai.7`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Dropper.Mirai-7136013-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.A trojan`
Elastic	`Linux.Trojan.Gafgyt`
Emsisoft	`Trojan.Linux.Mirai.7 (B)`
F-Secure	`Exploit.EXP/ELF.Gafgyt.D`
Fortinet	`ELF/Condi.CDB!tr.botnet`
GData	`Trojan.Linux.Mirai.7`
Google	`Detected`
Ikarus	`Backdoor.Linux.Mirai`
Jiangmin	`Backdoor.Linux.hzwo`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.cw`
Lionic	`Trojan.Linux.Mirai.K!c`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/GenericY.BN`
MicroWorld-eScan	`Trojan.Linux.Mirai.7`
Microsoft 🛡️	`Backdoor:Linux/Mirai.E!xp`
Rising	`Backdoor.Gafgyt/Linux!1.12AC3 (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Linux/Mirai-FROZ!721A2C63FE96`
Sophos	`Linux/DDoS-CI`
Symantec	`Linux.Mirai`
Tencent	`Trojan.Linux.Mirai.blc`
TrendMicro	`Possible_MIRAI.SMLBO22`
TrendMicro-HouseCall	`Possible_MIRAI.SMLBO22`
VIPRE	`Trojan.Linux.Mirai.7`
Varist	`E64/Mirai.A.gen!Camelot`
ZoneAlarm	`Linux/DDoS-CI`
alibabacloud	`DDOS:Linux/Mirai.8515eccf`
huorong	`Trojan/Linux.Mirai.q!crit`

56010e2ec81eb4a48a31…

Erkannt: 27/76 (35.5%) – Trojan.Linux.Mozi.11

Erkennende Engines (27):

Engine	Name
\| ALYac	`Trojan.Linux.Mozi.11`
AVG	`ELF:Agent-BMN [Trj]`
AhnLab-V3	`Trojan/Linux.Truncpx.99968`
Antiy-AVL	`Trojan/Linux.Gafgyt.a`
Arcabit	`Trojan.Linux.Mozi.11`
Avast	`ELF:Agent-BMN [Trj]`
BitDefender 🛡️	`Trojan.Linux.Mozi.11`
CTX	`elf.trojan.mozi`
ClamAV	`Unix.Malware.Generic-10008314-0`
Cynet	`Malicious (score: 99)`
Elastic	`Linux.Packer.Patched.UPX`
Emsisoft	`Trojan.Linux.Mozi.11 (B)`
Fortinet	`ELF/GenericKD.7945!tr`
GData	`Trojan.Linux.Mozi.11`
Google	`Detected`
Ikarus	`Trojan.Linux.Generic`
Jiangmin	`Backdoor.Linux.fmhj`
Lionic	`Trojan.Linux.Linux.4!c`
MicroWorld-eScan	`Trojan.Linux.Mozi.11`
Microsoft 🛡️	`Trojan:Linux/Multiverze`
Skyhigh	`GenericRXOQ-CG!B53BE31BC55D`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.NPE`
Tencent	`Risktool.Linux.Agent.dt`
TrellixENS	`GenericRXOQ-CG!B53BE31BC55D`
VBA32	`Trojan.Linux.Mirai`
VIPRE	`Trojan.Linux.Mozi.11`

649bea12759a8794de9b…

Erkannt: 33/76 (43.4%) – Trojan.Linux.GenericKD.45446

Erkennende Engines (33):

Engine	Name
\| ALYac	`Trojan.Linux.GenericKD.45446`
AVG	`ELF:Mirai-GH [Trj]`
AhnLab-V3	`Linux/Mirai.Gen35`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Generic.DB186`
Avast	`ELF:Mirai-GH [Trj]`
Avast-Mobile	`ELF:Mirai-GH [Trj]`
BitDefender 🛡️	`Trojan.Linux.GenericKD.45446`
CTX	`elf.trojan.generic`
ClamAV	`Unix.Trojan.Mirai-9955244-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.A trojan`
Emsisoft	`Trojan.Linux.GenericKD.45446 (B)`
Fortinet	`ELF/Condi.CDB!tr.botnet`
GData	`Trojan.Linux.GenericKD.45446`
Google	`Detected`
Ikarus	`AVE.AndroidOS.Mirai`
Jiangmin	`Backdoor.Linux.hzfz`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.h`
MicroWorld-eScan	`Trojan.Linux.GenericKD.45446`
Microsoft 🛡️	`Trojan:Linux/Mirai!pz`
Rising	`Backdoor.Mirai/Linux!1.130E7 (CLASSIC)`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`GenericRXTP-FC!90B5C65AEFB8`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.ck`
TrellixENS	`GenericRXTP-FC!90B5C65AEFB8`
VBA32	`Trojan.Linux.Mirai`
VIPRE	`Trojan.Linux.GenericKD.45446`
Varist	`E32/Mirai5.BZF`
alibabacloud	`Backdoor:Linux/Multiverze.4adf0465`
huorong	`Trojan/Linux.Mirai.q!crit`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 08:23 \| [ed0c51acaa0b…](https://bazaar.abuse.ch/sample/ed0c51acaa0b2c1bac7295de146a6eea9a9f13d3c06d77a26b3a6abbfea42f07/)	`exe`
\| 08:22 \| [b2763d836163…](https://bazaar.abuse.ch/sample/b2763d836163c02242ba18ed711322cf47fb9b1575bae08402dea52b3af7ebac/)	`unknown`
\| 08:10 \| [26f9bb2c2450…](https://bazaar.abuse.ch/sample/26f9bb2c2450b7b10a5e56d760c3ab2c372f225d60456e32f4c25ee779be04b9/)	`exe`
\| 08:06 \| [d9da158ffb22…](https://bazaar.abuse.ch/sample/d9da158ffb22c50e2b96a417fb157649a24bf2b730ea3fd7b4375eee5477ebc4/)	`unknown`
\| 07:44 \| [5ca5f11f6f38…](https://bazaar.abuse.ch/sample/5ca5f11f6f388258c42826f4a876f7976d8000d8d06b11e40df4ef067d420a2c/)	`elf`

MITRE ATT&CK Taktiken

Mirai: 18 Samples
CoinMiner: 1 Samples
QuasarRAT: 1 Samples
SalatStealer: 1 Samples
Loader: 1 Samples
RAT: 1 Samples
Trojaner: 1 Samples
Initial Access: 18 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 07:06 UTC – 9 neue Samples – 2 kritisch – unbekannt

Sat, 04 Apr 2026 07:06:00 +0000

Stand: 04.04.2026 07:06 UTC

Neue Samples dieser Session: 9

Risiko-Verteilung

🔴 Kritisch: 2
🟠 Hoch: 3
🟡 Mittel: 3
🟢 Niedrig: 2

Höchster Score: 85.3/100 (73d62b475534c08e…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

4e62743c61bf2c18a0f7…

Erkannt: 0/1 (0.0%) – –

73d62b475534c08e67fd…

Erkannt: 10/76 (13.2%) – ELF:DDOSAgent-FR [Trj]

Erkennende Engines (10):

Engine	Name
\| AVG	`ELF:DDOSAgent-FR [Trj]`
Antiy-AVL	`Trojan[Botnet]/Linux.Condi`
Avast	`ELF:DDOSAgent-FR [Trj]`
ClamAV	`Unix.Trojan.Mirai-10059787-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9735`
ESET-NOD32	`Linux/Mirai.EKD trojan`
Google	`Detected`
Ikarus	`Trojan.Linux.Mirai`
SentinelOne	`Static AI - Suspicious ELF`

d1aed493fc5462c98bc7…

Erkannt: 43/76 (56.6%) – Trojan.Generic.38194037

Erkennende Engines (43):

Engine	Name
\| ALYac	`Trojan.Generic.38194037`
AVG	`ELF:Gafgyt-KS [Trj]`
AhnLab-V3	`Linux/Mirai.Gen35`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Generic.D246CB75`
Avast	`ELF:Gafgyt-KS [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`EXP/ELF.Gafgyt.D`
BitDefender 🛡️	`Trojan.Generic.38194037`
CTX	`elf.trojan.generic`
ClamAV	`Unix.Dropper.Mirai-7136013-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.A trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Trojan.Generic.38194037 (B)`
F-Secure	`Exploit.EXP/ELF.Gafgyt.D`
Fortinet	`ELF/Mirai.BHD!tr`
GData	`Trojan.Generic.38194037`
Google	`Detected`
Ikarus	`Backdoor.Linux.Mirai`
Jiangmin	`Backdoor.Linux.hznp`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.cw`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/GenericY.BN`
MicroWorld-eScan	`Trojan.Generic.38194037`
Microsoft 🛡️	`Backdoor:Linux/Mirai.AW!xp`
Rising	`Backdoor.Mirai/Linux!1.11724 (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Linux/Mirai-FROZ!670475308207`
Sophos	`Linux/DDoS-CI`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.waw`
TrellixENS	`Linux/Mirai-FROZ!670475308207`
TrendMicro	`Backdoor.Linux.MIRAI.SMLBO20`
TrendMicro-HouseCall	`Backdoor.Linux.MIRAI.SMLBO20`
VBA32	`Trojan.Linux.Mirai`
VIPRE	`Trojan.Generic.38194037`
Varist	`E32/Mirai.EH.gen!Camelot`
ZoneAlarm	`Linux/DDoS-CI`
alibabacloud	`Backdoor:Linux/Mirai.601014fb`
huorong	`Trojan/Linux.Mirai.q!crit`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 07:02 \| [25df81baf575…](https://bazaar.abuse.ch/sample/25df81baf5757c548006f2936631d95adbb3fe2e20831415a526e2a8a2b35ca7/)	`exe`
\| 07:02 \| [4e62743c61bf…](https://bazaar.abuse.ch/sample/4e62743c61bf2c18a0f77d0837859aee67d2aac22908e25289cd3d760e024c04/)	`exe`
\| 07:01 \| [1ca98717ab0c…](https://bazaar.abuse.ch/sample/1ca98717ab0c34e0fb271498977f1c67609eafe07a97f4d9d0a36742ebbf8613/)	`exe`
\| 07:01 \| [7e2b5d65f989…](https://bazaar.abuse.ch/sample/7e2b5d65f98997b5bac0ee963084e714fae6d10dda65c8a772c415c5d612ad43/)	`exe`
\| 06:57 \| [73d62b475534…](https://bazaar.abuse.ch/sample/73d62b475534c08e67fd1b4c8f05ab3fd64114260cb7b9924c091b48a0bcfa2e/)	`elf`

MITRE ATT&CK Taktiken

Mirai: 3 Samples
SalatStealer: 1 Samples
Trojaner: 1 Samples
Initial Access: 3 Samples
Lateral Movement: 3 Samples
Eindeutige Familien: 3 Samples
Eindeutige Tags: 7 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 05:23 UTC – 48 neue Samples – 41 kritisch – Mirai

Sat, 04 Apr 2026 05:23:00 +0000

Stand: 04.04.2026 05:23 UTC

Neue Samples dieser Session: 48

Risiko-Verteilung

🔴 Kritisch: 41
🟠 Hoch: 1
🟡 Mittel: 0
🟢 Niedrig: 7

Höchster Score: 84.1/100 (5427edd231beb33e…)

Häufigste Familie: Mirai

Häufigster Typ: ?

VirusTotal-Ergebnisse

d528d7dd3076fc173adf…

Erkannt: 39/76 (51.3%) – Trojan.Linux.Mirai.1

Erkennende Engines (39):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Gafgyt-KS [Trj]`
AhnLab-V3	`Linux/Mirai.Gen35`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Gafgyt-KS [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`EXP/ELF.Mirai.Z.A`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Dropper.Mirai-7136013-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.A trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
F-Secure	`Exploit.EXP/ELF.Mirai.Z.A`
Fortinet	`ELF/Condi.CDB!tr.botnet`
GData	`Trojan.Linux.Mirai.1`
Google	`Detected`
Ikarus	`LINUX.AVF.Bot`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.cw`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/GenericY.BN`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Backdoor:Linux/Mirai.AW!xp`
Rising	`Backdoor.Mirai/Linux!1.11724 (CLASSIC)`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Linux/Mirai-FROZ!5CBEFBFC40E3`
Sophos	`Linux/DDoS-CI`
Tencent	`Backdoor.Linux.Mirai.waw`
TrellixENS	`Linux/Mirai-FROZ!5CBEFBFC40E3`
TrendMicro	`Backdoor.Linux.BASHLITE.SMJC11`
TrendMicro-HouseCall	`Backdoor.Linux.BASHLITE.SMJC11`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.EH.gen!Camelot`
ZoneAlarm	`Linux/DDoS-CI`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.q!crit`

aabe3c75c74611484aae…

Erkannt: 12/76 (15.8%) – ELF:DDOSAgent-FR [Trj]

Erkennende Engines (12):

Engine	Name
\| AVG	`ELF:DDOSAgent-FR [Trj]`
Antiy-AVL	`Trojan/Linux.Mirai`
Avast	`ELF:DDOSAgent-FR [Trj]`
ClamAV	`Unix.Trojan.Mirai-10059787-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9735`
ESET-NOD32	`Linux/Mirai.EKD trojan`
Google	`Detected`
Ikarus	`Trojan.Linux.Mirai`
Lionic	`Trojan.ELF.Mirai.4!c`
McAfeeD	`Trojan:Linux/GenericY.HS`
Microsoft 🛡️	`Backdoor:Linux/Gafgyt.W!MTB`

6f6c2d0dd6125510c627…

Erkannt: 27/76 (35.5%) – Trojan.Linux.Mirai.1

Erkennende Engines (27):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Mirai-GH [Trj]`
AhnLab-V3	`Linux/Mirai.Gen35`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Mirai-GH [Trj]`
Avast-Mobile	`ELF:Mirai-GH [Trj]`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.A trojan`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
Fortinet	`ELF/Condi.CDB!tr.botnet`
GData	`Trojan.Linux.Mirai.1`
Google	`Detected`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.h`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Backdoor:Linux/Mirai.AR!MTB`
Rising	`Backdoor.Mirai/Linux!1.128BE (CLASSIC)`
SentinelOne	`Static AI - Malicious ELF`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.ck`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.BMN`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.q!crit`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 05:15 \| [af935aced0b9…](https://bazaar.abuse.ch/sample/af935aced0b92e3dee16cfbaf0ba8aa6441969e4055bb1a49cd99bdb7b061008/)	`unknown`
\| 04:58 \| [9b15aedfa62f…](https://bazaar.abuse.ch/sample/9b15aedfa62f1df551338480c51665edf24fb00cc14a014211a234ecd75a0b84/)	`unknown`
\| 04:55 \| [d528d7dd3076…](https://bazaar.abuse.ch/sample/d528d7dd3076fc173adfadfb90c1dc94e9ac032d059965e6ae98b8bf3ac67d3f/)	`elf`
\| 04:54 \| [5427edd231be…](https://bazaar.abuse.ch/sample/5427edd231beb33e66ab7b5993d1a70587d2f7d042306a60211b56af44f82380/)	`elf`
\| 04:54 \| [8cda6ff36f64…](https://bazaar.abuse.ch/sample/8cda6ff36f64a6c787982c216740857cf6b06b3c0dce3f341b3fcaafd6a8df3e/)	`elf`

MITRE ATT&CK Taktiken

Mirai: 40 Samples
XenoRAT: 1 Samples
SalatStealer: 1 Samples
RAT: 1 Samples
Trojaner: 1 Samples
Initial Access: 40 Samples
Lateral Movement: 40 Samples
Eindeutige Familien: 4 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 04.04.2026 02:31 UTC – 38 neue Samples – 27 kritisch – unbekannt

Sat, 04 Apr 2026 02:31:00 +0000

Stand: 04.04.2026 02:31 UTC

Neue Samples dieser Session: 38

Risiko-Verteilung

🔴 Kritisch: 27
🟠 Hoch: 6
🟡 Mittel: 3
🟢 Niedrig: 3

Höchster Score: 89.6/100 (c03ca9e428028519…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

65cf85118c69198cdd7c…

Erkannt: 53/76 (69.7%) – Gen:Variant.Lazy.710886

Erkennende Engines (53):

Engine	Name
\| ALYac	`Gen:Variant.Lazy.710886`
APEX	`Malicious`
AVG	`Win32:Lumma-L [Pws]`
AhnLab-V3	`Trojan/Win.Generic.R767410`
Alibaba	`TrojanPSW:Win32/Lumma.872d8070`
Antiy-AVL	`Trojan/Win32.Convagent`
Arcabit	`Trojan.Lazy.DAD8E6`
Avast	`Win32:Lumma-L [Pws]`
Avira	`TR/Crypt.XPACK.Gen`
BitDefender 🛡️	`Gen:Variant.Lazy.710886`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`cld.trojan.lummac`
CTX	`exe.trojan.lumma`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.PWS.Lumma.1819`
Elastic	`Windows.Trojan.Lumma`
Emsisoft	`Gen:Variant.Lazy.710886 (B)`
F-Secure	`Trojan.TR/Crypt.XPACK.Gen`
Fortinet	`W32/PossibleThreat`
GData	`Gen:Variant.Lazy.710886`
Google	`Detected`
Gridinsoft	`Trojan.Win32.AI.sa`
Ikarus	`Trojan-Spy.Win32.LummaStealer`
K7AntiVirus	`Riskware ( 005cdebc1 )`
K7GW	`Riskware ( 005cdebc1 )`
Kaspersky	`Trojan-PSW.Win32.Lumma.aclh`
Kingsoft	`Win32.Trojan-PSW.Lumma.aclh`
Lionic	`Trojan.Win32.Lumma.1u!c`
Malwarebytes	`Malware.AI.1048981095`
McAfeeD	`Trojan:Win/Lumma.NEH`
MicroWorld-eScan	`Gen:Variant.Lazy.710886`
Microsoft 🛡️	`Trojan:Win32/LummaC.EATE!MTB`
NANO-Antivirus	`Virus.Win32.Gen.ccmw`
Paloalto	`generic.ml`
Panda	`Trj/Genetic.gen`
Rising	`Stealer.LummaC2!1.12843 (CLASSIC)`
Sangfor	`Infostealer.Win32.Lumma.Vk4i`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/EncPk-DW`
Symantec	`ML.Attribute.HighConfidence`
Trapmine	`malicious.high.ml.score`
TrellixENS	`Artemis!4F5E638E302B`
TrendMicro	`TrojanSpy.Win32.LUMMASTEALER.YXGDBZ`
TrendMicro-HouseCall	`TrojanSpy.Win32.LUMMASTEALER.YXGDBZ`
VIPRE	`Gen:Variant.Lazy.710886`
Varist	`W32/ABTrojan.PKDX-5755`
ZoneAlarm	`Mal/EncPk-DW`
alibabacloud	`RiskWare:Win/LummaC.EMBZ3DGW`
huorong	`HEUR:TrojanSpy/LummaStealer.a`
tehtris	`Generic.Malware`

4f361ec950cc375e21ca…

Erkannt: 2/76 (2.6%) – not-a-virus:HEUR:Downloader.Shell.Miner.a

Erkennende Engines (2):

Engine	Name
\| Kaspersky	`not-a-virus:HEUR:Downloader.Shell.Miner.a`
huorong	`Trojan/BAT.Agent.ex`

143fe44e5705ad84697c…

Erkannt: 18/76 (23.7%) – FileRepMalware [Misc]

Erkennende Engines (18):

Engine	Name
\| APEX	`Malicious`
AVG	`FileRepMalware [Misc]`
Avast	`FileRepMalware [Misc]`
Avira	`TR/AVI.PWS.Agent.rxddg`
Bkav	`W32.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_70% (D)`
Cylance	`Unsafe`
ESET-NOD32	`Win32/GenKryptik.HQNA trojan`
Elastic	`malicious (high confidence)`
Kaspersky	`Trojan-PSW.Win32.Lumma.acls`
Kingsoft	`malware.kb.a.937`
McAfeeD	`ti!143FE44E5705`
Microsoft 🛡️	`Program:Win32/Wacapew.C!ml`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Win32.Trojan.FalseSign.Kjgl`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.TrojanPSW.Lumma`
huorong	`TrojanSpy/LummaStealer.fj`

d772d8ba62db514b1240…

Erkannt: 7/76 (9.2%) – PowerShell/Agent.DXQ trojan

Erkennende Engines (7):

Engine	Name
\| ESET-NOD32	`PowerShell/Agent.DXQ trojan`
Fortinet	`PowerShell/Agent.DXQ!tr`
GData	`PowerShell.Trojan-Downloader.PoshLoad.Z`
Google	`Detected`
Ikarus	`Trojan.PowerShell.Agent`
Kaspersky	`HEUR:Trojan-PSW.PowerShell.Agent.gen`
McAfeeD	`Trojan:Script/ObfuPS.HELK`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 02:26 \| [81631a4f740b…](https://bazaar.abuse.ch/sample/81631a4f740b8b24e45926f0b36e34aa92491f8bf6cb4ff1a3ff1ebb24ad9112/)	`elf`
\| 02:18 \| [a3443065affd…](https://bazaar.abuse.ch/sample/a3443065affd5e460ce0e6dcc66bfeb3ca6342589c50fd4f625724a07fbce228/)	`exe`
\| 02:18 \| [65cf85118c69…](https://bazaar.abuse.ch/sample/65cf85118c69198cdd7c9f6b7bdb58bb8f1ed9cc09834dd687c0e70bf53c8723/)	`exe`
\| 02:18 \| [4f361ec950cc…](https://bazaar.abuse.ch/sample/4f361ec950cc375e21caab543e37b463e0a5dc3d7f8d8d188f3498932cd46d5c/)	`sh`
\| 02:16 \| [eb79ac344862…](https://bazaar.abuse.ch/sample/eb79ac34486277038a2f6529e68a8415d75a2f23c21c5873474fea9a911f3e34/)	`elf`

MITRE ATT&CK Taktiken

Mirai: 5 Samples
Smoke Loader: 3 Samples
EternalRocks: 2 Samples
LummaStealer: 2 Samples
Lazy: 1 Samples
Shell: 1 Samples
DXQ trojan: 1 Samples
AsyncRAT: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 22:38 UTC – 16 neue Samples – 3 kritisch – unbekannt

Fri, 03 Apr 2026 22:38:00 +0000

Stand: 03.04.2026 22:38 UTC

Neue Samples dieser Session: 16

Risiko-Verteilung

🔴 Kritisch: 3
🟠 Hoch: 3
🟡 Mittel: 5
🟢 Niedrig: 6

Höchster Score: 86.5/100 (5c2d6c1df40a8977…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

9af5f415cea6ce948b48…

Erkannt: 20/76 (26.3%) – Unix.Trojan.Mirai-8041698-0

Erkennende Engines (20):

Engine	Name
\| AhnLab-V3	`Linux/Cve-2018-10088.Gen`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast-Mobile	`ELF:Mirai-CQP [Trj]`
Avira	`EXP/ELF.Agent.J.8`
ClamAV	`Unix.Trojan.Mirai-8041698-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9810`
F-Secure	`Exploit.EXP/ELF.Agent.J.8`
GData	`Linux.Trojan.Gafgyt.B`
Google	`Detected`
Ikarus	`Trojan.Linux.MiraiTR`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.gen`
McAfeeD	`Trojan:Linux/Mirai.ERM`
Microsoft 🛡️	`Backdoor:Linux/Gafgyt.AW!xp`
Rising	`Backdoor.Mirai/Linux!1.13097 (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
Tencent	`Backdoor.Linux.Mirai.had`
Varist	`E32/Mirai.EN.gen!Camelot`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.f`

a9d29e1627f0aa70741c…

Erkannt: 38/76 (50.0%) – Application.Hacktool.BGB

Erkennende Engines (38):

Engine	Name
\| ALYac	`Application.Hacktool.BGB`
APEX	`Malicious`
AVG	`Win64:MalwareX-gen [Misc]`
Antiy-AVL	`HackTool/Win64.Runner`
Arcabit	`Application.Hacktool.BGB`
Avast	`Win64:MalwareX-gen [Misc]`
Avira	`TR/AVI.Agent.gnloj`
BitDefender 🛡️	`Application.Hacktool.BGB`
CTX	`exe.trojan.runner`
CrowdStrike	`win/malicious_confidence_60% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/HackTool.Runner.B`
Elastic	`malicious (high confidence)`
Emsisoft	`Application.Hacktool.BGB (B)`
F-Secure	`Trojan.TR/AVI.Agent.gnloj`
Fortinet	`Adware/Runner`
GData	`Application.Hacktool.BGB`
Google	`Detected`
K7AntiVirus	`Trojan ( 005c22c01 )`
K7GW	`Trojan ( 005c22c01 )`
Kaspersky	`VHO:HackTool.Win64.Convagent.gen`
Lionic	`Hacktool.Win32.Runner.3!c`
Malwarebytes	`Malware.AI.3582802762`
MaxSecure	`Trojan.Malware.317607368.susgen`
McAfeeD	`ti!A9D29E1627F0`
MicroWorld-eScan	`Application.Hacktool.BGB`
Microsoft 🛡️	`Program:Win32/Wacapew.C!ml`
Rising	`Trojan.Generic!8.C3 (CLOUD)`
Sophos	`Generic Reputation PUA (PUA)`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Malware.Win32.Gencirc.1432b92f`
TrellixENS	`Artemis!EA0B59C71F65`
VIPRE	`Application.Hacktool.BGB`
Varist	`W64/ABApplication.RAFG-3585`
Zillya	`Tool.Runner.Win64.1`
alibabacloud	`HackTool:Win/Runner.B`
huorong	`Trojan/0KBAttack.a`

b9fc06697cabacbbadea…

Erkannt: 20/76 (26.3%) – Backdoor.Linux.BASHLITE.SMJC

Erkennende Engines (20):

Engine	Name
\| AhnLab-V3	`Linux/Cve-2018-10088.Gen`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast-Mobile	`ELF:Mirai-CQP [Trj]`
ClamAV	`Unix.Trojan.Mirai-9760303-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9810`
GData	`Linux.Trojan.Gafgyt.B`
Google	`Detected`
Ikarus	`Trojan.Linux.Gafgyt`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.gen`
McAfeeD	`Trojan:Linux/Mirai.EQM`
Microsoft 🛡️	`Backdoor:Linux/Gafgyt.AW!xp`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Backdoor.Linux.Mirai.had`
TrendMicro	`Backdoor.Linux.BASHLITE.SMJC`
TrendMicro-HouseCall	`Backdoor.Linux.BASHLITE.SMJC`
Varist	`E32/Mirai.AT.gen!Eldorado`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.hk`

0e328f948e2b12a2fd76…

Erkannt: 31/76 (40.8%) – MalwareX-gen [Cryp]

Erkennende Engines (31):

Engine	Name
\| APEX	`Malicious`
AVG	`MalwareX-gen [Cryp]`
Antiy-AVL	`Trojan/MSIL.Kryptik`
Avast	`MalwareX-gen [Cryp]`
Avira	`TR/Crypt.XPACK.Gen`
Bkav	`W32.AIDetectMalware.CS`
ClamAV	`Win.Packed.Atraps-10029864-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.BankBot.2882`
ESET-NOD32	`MSIL/Kryptik.UON trojan`
Elastic	`malicious (high confidence)`
F-Secure	`Trojan.TR/Crypt.XPACK.Gen`
Fortinet	`W32/Ursu.844053!tr`
Google	`Detected`
Gridinsoft	`Trojan.Heur!.020134E1`
Ikarus	`Trojan.MSIL.Krypt`
Kaspersky	`HEUR:Trojan-Downloader.MSIL.PsDownload.gen`
Kingsoft	`malware.kb.c.1000`
Malwarebytes	`Malware.AI.678705963`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`Real Protect-LS!E5822DBD8B7A`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Generic ML PUA (PUA)`
Symantec	`ML.Attribute.HighConfidence`
Trapmine	`malicious.high.ml.score`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VirIT	`Trojan.Win32.MSIL_Heur.A`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 22:28 \| [1602af5cd87f…](https://bazaar.abuse.ch/sample/1602af5cd87fc39dc09354f1ba928f5bf9463113ec53304c84d28d836b10b7ab/)	`unknown`
\| 22:20 \| [8e975cbb14de…](https://bazaar.abuse.ch/sample/8e975cbb14defe8042f19d8cc83d93fb0b08ca36194880fdb2bbeb9e8f63bf81/)	`unknown`
\| 22:16 \| [63d0255437c8…](https://bazaar.abuse.ch/sample/63d0255437c890a4b13a8e8fb02c3b3edf8f8af3bb08293026076bfe626ef4df/)	`zip`
\| 22:13 \| [d8fae1f3303b…](https://bazaar.abuse.ch/sample/d8fae1f3303be955e67ee1ef8a823c7879a796023e6e23790492cd3af0e551b0/)	`zip`
\| 22:06 \| [5c2d6c1df40a…](https://bazaar.abuse.ch/sample/5c2d6c1df40a89776f6f28869249214d6f4d6e0ef4708b0eff1671bb1ce77933/)	`exe`

MITRE ATT&CK Taktiken

Mirai: 2 Samples
Hacktool: 1 Samples
SalatStealer: 1 Samples
Trojaner: 2 Samples
Loader: 1 Samples
Initial Access: 2 Samples
Lateral Movement: 2 Samples
Eindeutige Familien: 5 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 20:41 UTC – 25 neue Samples – 6 kritisch – unbekannt

Fri, 03 Apr 2026 20:41:00 +0000

Stand: 03.04.2026 20:41 UTC

Neue Samples dieser Session: 25

Risiko-Verteilung

🔴 Kritisch: 6
🟠 Hoch: 6
🟡 Mittel: 14
🟢 Niedrig: 0

Höchster Score: 84.4/100 (253ee9fe2fbbd044…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

126a550686490b9354cf…

Erkannt: 8/76 (10.5%) – W32.AIDetectMalware

Erkennende Engines (8):

Engine	Name
\| Bkav	`W32.AIDetectMalware`
DeepInstinct	`MALICIOUS`
DrWeb	`Program.Infatica.9`
ESET-NOD32	`Win32/Infatica.D potentially unwanted application`
Malwarebytes	`PUP.Optional.Infatica`
Rising	`PUA.Infatica!8.13E67 (CLOUD)`
Sophos	`Generic Reputation PUA (PUA)`
TrellixENS	`Artemis!6EEC3EA965EC`

4a7064202e47848c09c0…

Erkannt: 4/76 (5.3%) – Win32/Infatica.D potentially unwanted application

Erkennende Engines (4):

Engine	Name
\| APEX	`Malicious`
Cynet	`Malicious (score: 100)`
ESET-NOD32	`Win32/Infatica.D potentially unwanted application`
Kaspersky	`not-a-virus:Server-Proxy.Win64.Infatica.gen`

c75b512cabcd93a14c35…

Erkannt: 14/76 (18.4%) – W64.AIDetectMalware

Erkennende Engines (14):

Engine	Name
\| APEX	`Malicious`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_90% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
Elastic	`malicious (high confidence)`
Google	`Detected`
Gridinsoft	`Trojan.Win64.Agent.oa!s1`
Ikarus	`Trojan.Win64.Cab`
Microsoft 🛡️	`Trojan:Win32/Wacatac.C!ml`
Sangfor	`Trojan.Win32.Save.a`
Symantec	`ML.Attribute.HighConfidence`
Yandex	`Backdoor.Agent!ifo2QKtnwQ0`

149bf791a0d8a880ebdd…

Erkannt: 44/76 (57.9%) – Mal/AuItInj-D

Erkennende Engines (44):

Engine	Name
\| APEX	`Malicious`
AVG	`FileRepMalware [Misc]`
AhnLab-V3	`Trojan/AU3.Loader.S3029`
Alibaba	`Trojan:Win32/AutoInject.8de485a0`
Avast	`FileRepMalware [Misc]`
Avira	`DR/AutoIt.Gen8`
Bkav	`W32.AIDetectMalware`
CTX	`exe.trojan.autoit`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.PWS.Siggen5.32681`
ESET-NOD32	`Win32/Injector.Autoit.GXK trojan`
Elastic	`malicious (high confidence)`
F-Secure	`Dropper.DR/AutoIt.Gen8`
Fortinet	`AutoIt/Formbook.A!tr`
GData	`MSIL.Trojan-Stealer.AgentTesla.8JV7GH`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Downloader.sa`
Ikarus	`Trojan.Autoit`
Kaspersky	`Trojan.Win64.Injects.igg`
Kingsoft	`Win32.Troj.Unknown.a`
Lionic	`Trojan.Win32.Bingoml.ts62`
Malwarebytes	`Trojan.Injector.AutoIt`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`ti!149BF791A0D8`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Injector!8.C4 (CLOUD)`
Sangfor	`Trojan.Win32.Save.a`
Skyhigh	`BehavesLike.Win32.Dropper.tc`
Sophos	`Mal/AuItInj-D`
Symantec	`Trojan.Malautoit!g3`
Tencent	`Autoit.Trojan.Autoit.Kjgl`
TrellixENS	`Artemis!1A2D950C3708`
TrendMicro	`TROJ_GEN.R06CC0DD326`
TrendMicro-HouseCall	`TROJ_GEN.F0D1C00D326`
Varist	`W32/AutoIt.AEK.gen!Eldorado`
ViRobot	`Trojan.Win.Z.Autoit.1218048`
VirIT	`Trojan.Win32.AutoIt_Heur.L`
ZoneAlarm	`Mal/AuItInj-D`
alibabacloud	`Trojan[dropper]:Win/AutoInject.NVZ2XJC`
huorong	`Trojan/AutoIT.Injector.fc`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 20:33 \| [d171ff9bc17c…](https://bazaar.abuse.ch/sample/d171ff9bc17c1d9109580ca46060b3bb7d30827243ad79f34d3a169fc634bac0/)	`exe`
\| 20:31 \| [253ee9fe2fbb…](https://bazaar.abuse.ch/sample/253ee9fe2fbbd0447a186724de9a352c229872e3e46fd61197c322bc7c9878aa/)	`elf`
\| 20:27 \| [ee66b4aee736…](https://bazaar.abuse.ch/sample/ee66b4aee73634ea0ccb47755bbdab86acb77db866335a30126505c9e820af5c/)	`dll`
\| 20:26 \| [126a55068649…](https://bazaar.abuse.ch/sample/126a550686490b9354cfb51fa2d4d4703b469b8eec2497889d017ce4f32f38e4/)	`dll`
\| 20:19 \| [4a7064202e47…](https://bazaar.abuse.ch/sample/4a7064202e47848c09c0261f4b6c9a69487408c54ed7f5942cbcd775489aa00b/)	`exe`

MITRE ATT&CK Taktiken

Smoke Loader: 2 Samples
Amadey: 2 Samples
SpyNote: 2 Samples
Mirai: 1 Samples
AIDetectMalware: 1 Samples
D potentially unwanted applica: 1 Samples
ValleyRAT: 1 Samples
AgentTesla: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 18:54 UTC – 39 neue Samples – 20 kritisch – Mirai

Fri, 03 Apr 2026 18:54:00 +0000

Stand: 03.04.2026 18:54 UTC

Neue Samples dieser Session: 39

Risiko-Verteilung

🔴 Kritisch: 20
🟠 Hoch: 4
🟡 Mittel: 12
🟢 Niedrig: 4

Höchster Score: 89.5/100 (741508351f8b822d…)

Häufigste Familie: Mirai

Häufigster Typ: ?

VirusTotal-Ergebnisse

d3cc5fceeda8d98795d9…

Erkannt: 17/76 (22.4%) – MalwareX-gen [Pws]

Erkennende Engines (17):

Engine	Name
\| APEX	`Malicious`
AVG	`MalwareX-gen [Pws]`
AhnLab-V3	`Trojan/Win.MalwareX-gen.C5863950`
Avast	`MalwareX-gen [Pws]`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_90% (D)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Kryptik.GQN trojan`
Elastic	`malicious (high confidence)`
Fortinet	`W64/Kryptik.GQN!tr`
Kaspersky	`UDS:Trojan.Win64.OffensiveGolang.gen`
Kingsoft	`malware.kb.a.993`
McAfeeD	`ti!D3CC5FCEEDA8`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Rising	`Trojan.OffensiveGolang!8.1DAEC (TFE:5:HlvPF7KhYnN)`
SentinelOne	`Static AI - Suspicious PE`
Symantec	`ML.Attribute.HighConfidence`

4e3b462c48cd70da96ff…

Erkannt: 39/76 (51.3%) – Trojan.Linux.Mirai.1

Erkennende Engines (39):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Mirai-APD [Trj]`
AhnLab-V3	`Worm/Linux.Mirai.XE228`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Mirai-APD [Trj]`
Avast-Mobile	`ELF:Mirai-VW [Trj]`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.BPP trojan`
Elastic	`Linux.Trojan.Gafgyt`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
Fortinet	`Linux/Mirai.REAL!tr`
GData	`Trojan.Linux.Mirai.1`
Google	`Detected`
Ikarus	`Backdoor.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.cw`
Kingsoft	`Linux.Backdoor.Mirai.cw`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/GenericY.BN`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Backdoor:Linux/Mirai.AW!MTB`
Rising	`Backdoor.Gafgyt/Linux!1.12AC3 (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Lnx/Mirai-FEBN!366C878A1601`
Sophos	`Linux/DDoS-CI`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.wan`
TrellixENS	`Lnx/Mirai-FEBN!366C878A1601`
TrendMicro	`Backdoor.Linux.MIRAI.SMLBO20`
TrendMicro-HouseCall	`Backdoor.Linux.MIRAI.SMLBO20`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.EN.gen!Camelot`
ZoneAlarm	`Linux/DDoS-CI`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.f`

b6f3c909b03cb77db83d…

Erkannt: 27/76 (35.5%) – Trojan.Linux.Mirai.1

Erkennende Engines (27):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Mirai-ADI [Trj]`
AhnLab-V3	`Linux/Mirai14.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Mirai-ADI [Trj]`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Trojan.Mirai-9894781-0`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.ASV trojan`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
Fortinet	`Linux/Mirai.REAL!tr`
GData	`Trojan.Linux.Mirai.1`
Google	`Detected`
Ikarus	`Backdoor.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.h`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Backdoor:Linux/Mirai.AW!xp`
Rising	`Backdoor.Gafgyt/Linux!1.12AC3 (CLASSIC)`
SentinelOne	`Static AI - Malicious ELF`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.waw`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.BNA`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Backdoor/Linux.Mirai.gm`

fc713295897316a62ac2…

Erkannt: 32/76 (42.1%) – Trojan.Linux.Mirai.1

Erkennende Engines (32):

Engine	Name
\| ALYac	`Trojan.Linux.Mirai.1`
AVG	`ELF:Mirai-GG [Trj]`
AhnLab-V3	`Linux/Mirai09.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Mirai.1`
Avast	`ELF:Mirai-GG [Trj]`
Avira	`EXP/ELF.Agent.F.118`
BitDefender 🛡️	`Trojan.Linux.Mirai.1`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Trojan.Mirai-7666587-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.BPP trojan`
Emsisoft	`Trojan.Linux.Mirai.1 (B)`
F-Secure	`Exploit.EXP/ELF.Agent.F.118`
Fortinet	`ELF/Condi.CDB!tr.botnet`
GData	`Trojan.Linux.Mirai.1`
Google	`Detected`
Ikarus	`Trojan.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.h`
MicroWorld-eScan	`Trojan.Linux.Mirai.1`
Microsoft 🛡️	`Trojan:Script/Wacatac.B!ml`
Rising	`Backdoor.Gafgyt/Linux!1.12AC3 (CLASSIC)`
SentinelOne	`Static AI - Malicious ELF`
Sophos	`Linux/DDoS-CI`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.was`
VIPRE	`Trojan.Linux.Mirai.1`
Varist	`E32/Mirai.BMR`
ZoneAlarm	`Linux/DDoS-CI`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.f`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 18:37 \| [88b5390aee05…](https://bazaar.abuse.ch/sample/88b5390aee059fb8c0d521bdba9cf870f77d197ee25765747c61c4f3c1ae7bb5/)	`exe`
\| 18:36 \| [741508351f8b…](https://bazaar.abuse.ch/sample/741508351f8b822d9ce3ecd6d380ac5a37b598b7114c3db5e77a2bacd709c7c8/)	`exe`
\| 18:31 \| [78bce4dbf935…](https://bazaar.abuse.ch/sample/78bce4dbf9353aa8ae56ca337525186d17c39b59baba1e0b5589dd5466aaa2b4/)	`exe`
\| 18:27 \| [21b6b9c7262f…](https://bazaar.abuse.ch/sample/21b6b9c7262fe39d2f2ce49115c9c22f50d3e5b0b083a0f8c1ddd776c369ffd3/)	`apk`
\| 18:26 \| [1daade171b2f…](https://bazaar.abuse.ch/sample/1daade171b2f029c80787880db2ce893e5f1252facb6980fb7a93cb0dbb014c3/)	`zip`

MITRE ATT&CK Taktiken

Mirai: 16 Samples
SpyNote: 8 Samples
NetSupport: 2 Samples
AsyncRAT: 1 Samples
RustyStealer: 1 Samples
LummaStealer: 1 Samples
SalatStealer: 1 Samples
RAT: 3 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 16:46 UTC – 31 neue Samples – 14 kritisch – unbekannt

Fri, 03 Apr 2026 16:46:00 +0000

Stand: 03.04.2026 16:46 UTC

Neue Samples dieser Session: 31

Risiko-Verteilung

🔴 Kritisch: 14
🟠 Hoch: 6
🟡 Mittel: 4
🟢 Niedrig: 8

Höchster Score: 86.5/100 (3a72983b2e794cb0…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

9f33efdeabd35154a3c3…

Erkannt: 58/76 (76.3%) – Trojan.MSIL.Basic.8.Gen

Erkennende Engines (58):

Engine	Name
\| ALYac	`Trojan.MSIL.Basic.8.Gen`
APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Cryp]`
Acronis	`suspicious`
AhnLab-V3	`Trojan/Win.FUJL.C5119684`
Alibaba	`Backdoor:MSIL/DCRat.32c58003`
Antiy-AVL	`Trojan[Backdoor]/MSIL.DCRat`
Arcabit	`Trojan.MSIL.Basic.8.Gen`
Avast	`Win32:MalwareX-gen [Cryp]`
Avira	`HEUR/AGEN.1323984`
BitDefender 🛡️	`Trojan.MSIL.Basic.8.Gen`
Bkav	`W32.AIDetectMalware.CS`
CAT-QuickHeal	`Trojan.DCRat.S29707587`
CTX	`exe.trojan.msil`
ClamAV	`Win.Packed.Msilmamut-9950860-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.PWS.StealerNET.124`
ESET-NOD32	`MSIL/Spy.Agent.DTP trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Trojan.MSIL.Basic.8.Gen (B)`
F-Secure	`Heuristic.HEUR/AGEN.1323984`
Fortinet	`MSIL/Agent.DTP!tr.spy`
GData	`Trojan.MSIL.Basic.8.Gen`
Google	`Detected`
Ikarus	`Trojan-Spy.Agent`
K7AntiVirus	`Trojan ( 005c37eb1 )`
K7GW	`Spyware ( 0058ebd51 )`
Kaspersky	`HEUR:Trojan-Spy.MSIL.Stealer.gen`
Kingsoft	`malware.kb.c.978`
Lionic	`Trojan.Win32.Basic.l!c`
Malwarebytes	`Generic.Spyware.Stealer.DDS`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`Real Protect-LS!058BCF405264`
MicroWorld-eScan	`Trojan.MSIL.Basic.8.Gen`
Microsoft 🛡️	`Backdoor:MSIL/DCRat!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Backdoor.DcRat!8.129D9 (CLOUD)`
SUPERAntiSpyware	`Trojan.Agent/Gen-Crypt`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`GenericRXTS-LN!058BCF405264`
Sophos	`Troj/DCRat-N`
Symantec	`Backdoor.DCRat`
Tencent	`Trojan.Msil.Dcrat.xa`
TrellixENS	`GenericRXTS-LN!058BCF405264`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`TScope.Trojan.MSIL`
VIPRE	`Trojan.MSIL.Basic.8.Gen`
Varist	`W32/MSIL_Agent.LQ.gen!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.A`
Zillya	`Trojan.BasicGen.Win32.4`
ZoneAlarm	`Troj/DCRat-N`
alibabacloud	`Backdoor:MSIL/DCRat.Gen`
huorong	`TrojanSpy/MSIL.Stealer.n`
tehtris	`Generic.Malware`

0b014555196d3200ff9a…

Erkannt: 64/76 (84.2%) – Generic.MSIL.Bladabindi.63ABA981

Erkennende Engines (64):

Engine	Name
\| ALYac	`Generic.MSIL.Bladabindi.63ABA981`
APEX	`Malicious`
AVG	`MSIL:Agent-DRD [Trj]`
Acronis	`suspicious`
AhnLab-V3	`Backdoor/Win32.Bladabindi.R91438`
Alibaba	`Trojan:Win32/Bladabindi.374`
Antiy-AVL	`Trojan/MSIL.Bladabindi`
Arcabit	`Generic.MSIL.Bladabindi.63ABA981`
Avast	`MSIL:Agent-DRD [Trj]`
Avira	`TR/Dropper.Gen7`
Baidu	`MSIL.Backdoor.Bladabindi.a`
BitDefender 🛡️	`Generic.MSIL.Bladabindi.63ABA981`
Bkav	`W32.FamVT.binANHb.Worm`
CAT-QuickHeal	`Trojan.Generic.TRFH5`
CTX	`exe.trojan.bladabindi`
ClamAV	`Win.Packed.Generic-9795615-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
DrWeb	`BackDoor.Bladabindi.13678`
ESET-NOD32	`MSIL/Bladabindi.BC trojan`
Elastic	`Windows.Trojan.Njrat`
Emsisoft	`Trojan.Bladabindi (A)`
F-Secure	`Trojan.TR/Dropper.Gen7`
Fortinet	`MSIL/Bladabindi.AS!tr`
GData	`MSIL.Backdoor.Bladabindi.AV`
Google	`Detected`
Gridinsoft	`Ransom.Win32.Bladabindi.sa`
Ikarus	`Backdoor.MSIL.NJRat`
Jiangmin	`Trojan/Refroso.err`
K7AntiVirus	`Trojan ( 700000201 )`
K7GW	`Trojan ( 700000201 )`
Kaspersky	`HEUR:Trojan.Win32.Generic`
Kingsoft	`malware.kb.c.1000`
Lionic	`Trojan.Win32.Generic.mAmC`
Malwarebytes	`Backdoor.NJRat`
McAfeeD	`Real Protect-LS!06D5334D4974`
MicroWorld-eScan	`Generic.MSIL.Bladabindi.63ABA981`
Microsoft 🛡️	`Backdoor:MSIL/Bladabindi!atmn`
NANO-Antivirus	`Trojan.Win32.Disfa.dtznyx`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Backdoor.njRAT!1.9E49 (CLASSIC)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`Trojan-FIGN`
Sophos	`Troj/DotNet-P`
Tencent	`Trojan.Msil.Bladabindi.za`
TrellixENS	`Trojan-FIGN`
TrendMicro	`BKDR_BLADABI.SMC`
TrendMicro-HouseCall	`BKDR_BLADABI.SMC`
VBA32	`Trojan.MSIL.Bladabindi.Heur`
VIPRE	`Generic.MSIL.Bladabindi.63ABA981`
Varist	`W32/MSIL_Bladabindi.AU.gen!Eldorado`
ViRobot	`Backdoor.Win32.Bladabindi.Gen.A`
VirIT	`Backdoor.Win32.Generic.AWM`
Webroot	`W32.Trojan.Gen`
Xcitium	`Backdoor.MSIL.Bladabindi.A@566ygc`
Yandex	`Trojan.Agent!SJRUpjRPYW8`
Zillya	`Trojan.Disfa.Win32.10634`
ZoneAlarm	`Troj/DotNet-P`
alibabacloud	`Backdoor:MSIL/Bladabindi.AE`
huorong	`Backdoor/Bladabindi.e`
tehtris	`Generic.Malware`

36cfccc84b21d9bb8b3e…

Erkannt: 28/76 (36.8%) – Win64:AURAStealer-B [Pws]

Erkennende Engines (28):

Engine	Name
\| APEX	`Malicious`
AVG	`Win64:AURAStealer-B [Pws]`
AhnLab-V3	`Trojan/Win.AURASTEALER.R762768`
Antiy-AVL	`Trojan[PSW]/Win32.Convagent`
Avast	`Win64:AURAStealer-B [Pws]`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_90% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Agent.IQI trojan`
Elastic	`malicious (moderate confidence)`
Kaspersky	`UDS:Trojan-PSW.Win32.Aur`
Kingsoft	`Win32.Trojan.Cobalt.gen`
Lionic	`Trojan.Win32.AURAStealer.4!c`
Malwarebytes	`Malware.Heuristic.2047`
MaxSecure	`Trojan.Malware.591523785.susgen`
McAfeeD	`ti!36CFCCC84B21`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Rising	`Trojan.Tedy!8.16570 (TFE:5:5O4OrdNlhSU)`
Sangfor	`Trojan.Win64.Tedy.V32z`
SentinelOne	`Static AI - Suspicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Malware.Win32.Gencirc.11e507ca`
Trapmine	`malicious.high.ml.score`
TrellixENS	`Artemis!3A0C7D6B576B`
VirIT	`Trojan.Win64.AURAStlr.JIO`

0bb0fa1f70e5ea93c596…

Erkannt: 5/76 (6.6%) – BehavesLike.VBS.Dropper.zp

Erkennende Engines (5):

Engine	Name
\| Kaspersky	`HEUR:Trojan.Script.Generic`
Rising	`Downloader.Agent/VBS!9.671AB (XSE:WFNFX1ZCUzq1w0AYTS9uAk9xvcaSuOGC)`
Skyhigh	`BehavesLike.VBS.Dropper.zp`
Symantec	`ISB.Downloader!gen60`
huorong	`TrojanDownloader/VBS.Agent.jr`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 16:33 \| [9ca80580a4aa…](https://bazaar.abuse.ch/sample/9ca80580a4aa8690f54fba7d7734b73752653b3aaf7de55be60166534e3ae281/)	`unknown`
\| 16:25 \| [1aeae34c264b…](https://bazaar.abuse.ch/sample/1aeae34c264bbfbd4eed6d92a94ac788bfb9b050a54032fde811402d63f18bf8/)	`apk`
\| 16:24 \| [79f56edc1bb1…](https://bazaar.abuse.ch/sample/79f56edc1bb111c0323762dc0c25d9c50c9a62ec4dedc2cf2e0c2010e518b6b4/)	`apk`
\| 16:22 \| [ab257890cf76…](https://bazaar.abuse.ch/sample/ab257890cf760bfe8768f15d60d1be0088b2c7fa8ab17b1981932f6c22b97376/)	`unknown`
\| 16:22 \| [52d9c69e0e98…](https://bazaar.abuse.ch/sample/52d9c69e0e989208553e0f9d697ad665b697cececd289bc1ba14ad18e7a336b7/)	`unknown`

MITRE ATT&CK Taktiken

SpyNote: 2 Samples
DCRat: 1 Samples
VBS: 1 Samples
SalatStealer: 1 Samples
Backdoor: 10 Samples
Loader: 4 Samples
RAT: 2 Samples
Trojaner: 2 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 14:48 UTC – 20 neue Samples – 14 kritisch – unbekannt

Fri, 03 Apr 2026 14:48:00 +0000

Stand: 03.04.2026 14:48 UTC

Neue Samples dieser Session: 20

Risiko-Verteilung

🔴 Kritisch: 14
🟠 Hoch: 3
🟡 Mittel: 1
🟢 Niedrig: 3

Höchster Score: 84.1/100 (4c651b8bfa5c28f1…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

8f98052bcf23cf01f22b…

Erkannt: 21/76 (27.6%) – W32.AIDetectMalware.CS

Erkennende Engines (21):

Engine	Name
\| APEX	`Malicious`
Bkav	`W32.AIDetectMalware.CS`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DrWeb	`Trojan.PackedNET.3505`
ESET-NOD32	`MSIL/Kryptik.APYW trojan`
Elastic	`malicious (moderate confidence)`
Fortinet	`MSIL/GenKryptik.GHWJ!tr`
Ikarus	`Win32.Outbreak`
Kaspersky	`HEUR:Backdoor.MSIL.XWorm.gen`
Malwarebytes	`Malware.AI.707935596`
McAfeeD	`Trojan:Win/GenericPack.BMP`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:Ed/KQBZxm6Rm2iujfsIv2w)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Sophos	`ML/PE-A`
Symantec	`Scr.Malcode!gdn34`
Tencent	`Msil.Backdoor.Xworm.Ydkl`
VirIT	`Trojan.Win32.MSIL_Heur.A`

d3c7c81f534b213150c0…

Erkannt: 33/76 (43.4%) – ELF:Gafgyt-KS [Trj]

Erkennende Engines (33):

Engine	Name
\| AVG	`ELF:Gafgyt-KS [Trj]`
AhnLab-V3	`Linux/Gafgyt01.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast	`ELF:Gafgyt-KS [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`EXP/ELF.Mirai.Z.A`
ClamAV	`Unix.Trojan.Mirai-9441505-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.CVA trojan`
Elastic	`Linux.Trojan.Gafgyt`
F-Secure	`Exploit.EXP/ELF.Mirai.Z.A`
Fortinet	`ELF/Mirai.CVA!tr`
Google	`Detected`
Ikarus	`Linux.Bot`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.cw`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/GenericY.BN`
Microsoft 🛡️	`Backdoor:Linux/Mirai.DA!MTB`
Rising	`Backdoor.Mirai/Linux!1.1290D (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Linux/Mirai-FROZ!E04BFD026521`
Sophos	`Linux/DDoS-FP`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.wam`
TrellixENS	`Linux/Mirai-FROZ!E04BFD026521`
TrendMicro	`Backdoor.Linux.BASHLITE.SMJC11`
TrendMicro-HouseCall	`Backdoor.Linux.BASHLITE.SMJC11`
Varist	`E32/Mirai.EH.gen!Camelot`
ZoneAlarm	`Linux/DDoS-FP`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.q!crit`

a8a600d0fc39e006205b…

Erkannt: 30/76 (39.5%) – Linux/Mirai-FROZ!FFC8C33C70A1

Erkennende Engines (30):

Engine	Name
\| AVG	`ELF:Agent-AYQ [Trj]`
AhnLab-V3	`Linux/Mirai09.Exp`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast	`ELF:Agent-AYQ [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`EXP/ELF.Mirai.Z.A`
ClamAV	`Unix.Trojan.Mirai-9441505-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.CVA trojan`
Elastic	`Linux.Trojan.Gafgyt`
F-Secure	`Exploit.EXP/ELF.Mirai.Z.A`
Fortinet	`ELF/Mirai.CVA!tr`
Google	`Detected`
Ikarus	`Trojan.Linux.Multiverze`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.cw`
McAfeeD	`Trojan:Linux/GenericY.BN`
Microsoft 🛡️	`Backdoor:Linux/Mirai.E!xp`
Rising	`Backdoor.Mirai/Linux!1.1290D (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Linux/Mirai-FROZ!FFC8C33C70A1`
Sophos	`Linux/DDoS-FP`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.was`
TrellixENS	`Linux/Mirai-FROZ!FFC8C33C70A1`
Varist	`E32/Mirai.DJ.gen!Camelot`
ZoneAlarm	`Linux/DDoS-FP`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.q!crit`

826536353e28abcbbb99…

Erkannt: 22/76 (28.9%) – ELF:CVE-2017-17215-E [Expl]

Erkennende Engines (22):

Engine	Name
\| AVG	`ELF:CVE-2017-17215-E [Expl]`
AhnLab-V3	`Linux/Cve-2018-10088.Gen`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast	`ELF:CVE-2017-17215-E [Expl]`
Avast-Mobile	`ELF:Mirai-CQP [Trj]`
ClamAV	`Unix.Trojan.Gafgyt-9939811-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9810`
Fortinet	`ELF/Condi.CDB!tr.botnet`
GData	`Linux.Trojan.Gafgyt.B`
Google	`Detected`
Ikarus	`LINUX.AVF.Bot`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.gk`
McAfeeD	`Trojan:Linux/Mirai.EFZ`
Microsoft 🛡️	`Backdoor:Linux/Gafgyt.AW!xp`
Rising	`Backdoor.Mirai/Linux!1.13097 (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Backdoor.Linux.Mirai.had`
Varist	`E32/Mirai.EN.gen!Camelot`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.f`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 14:33 \| [8bd46e4d069b…](https://bazaar.abuse.ch/sample/8bd46e4d069be47dddc1c267ac5c5eee52766f7c81675108c80c47bd8d947d06/)	`xls`
\| 14:33 \| [0b6b36a1ea64…](https://bazaar.abuse.ch/sample/0b6b36a1ea647ccec195ef2b642aad2ff2fac4e4c53208cb9ee70ffcea6c81f4/)	`rar`
\| 14:32 \| [7b56f314650a…](https://bazaar.abuse.ch/sample/7b56f314650a2b9042ad6cad383b71ba9d2a9cddb5edfc73d2100bb47c809786/)	`exe`
\| 14:30 \| [70ec84b5e252…](https://bazaar.abuse.ch/sample/70ec84b5e252557f7f7ee7fb362d0d1f40569385185ac48b6adbce81a2d58a3e/)	`z`
\| 14:30 \| [8f98052bcf23…](https://bazaar.abuse.ch/sample/8f98052bcf23cf01f22be1a52297c20d1b3db3e98867757008eead3dbe504ef1/)	`exe`

MITRE ATT&CK Taktiken

Mirai: 8 Samples
Smoke Loader: 1 Samples
AIDetectMalware: 1 Samples
ScarfaceStealer: 1 Samples
SalatStealer: 1 Samples
Infostealer: 5 Samples
Loader: 2 Samples
Trojaner: 2 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 13:11 UTC – 9 neue Samples – 6 kritisch – unbekannt

Fri, 03 Apr 2026 13:11:00 +0000

Stand: 03.04.2026 13:11 UTC

Neue Samples dieser Session: 9

Risiko-Verteilung

🔴 Kritisch: 6
🟠 Hoch: 2
🟡 Mittel: 2
🟢 Niedrig: 0

Höchster Score: 80.7/100 (255ad359962cccd9…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

69b641635a37fd961410…

Erkannt: 25/76 (32.9%) – Generic.XPL.ADODB.54E1E581

Erkennende Engines (25):

Engine	Name
\| ALYac	`Generic.XPL.ADODB.54E1E581`
Arcabit	`Generic.XPL.ADODB.54E1E581`
BitDefender 🛡️	`Generic.XPL.ADODB.54E1E581`
CTX	`vba.trojan.psyme`
Cynet	`Malicious (score: 99)`
ESET-NOD32	`PowerShell/Agent.AOR trojan`
Emsisoft	`Generic.XPL.ADODB.54E1E581 (B)`
F-Secure	`Trojan:W32/SuspiciousHTADropper.B`
GData	`Generic.XPL.ADODB.54E1E581`
Google	`Detected`
Kaspersky	`HEUR:Trojan.Script.Generic`
Lionic	`Trojan.HTML.Psyme.4!c`
MicroWorld-eScan	`Generic.XPL.ADODB.54E1E581`
Microsoft 🛡️	`Trojan:Win32/Kepavll!rfn`
Rising	`Trojan.DL.VBS.Agent.xge (CLASSIC)`
Skyhigh	`BehavesLike.HTML.Dropper.zq`
Sophos	`Mal/Psyme-A`
Symantec	`ISB.Downloader!gen60`
Tencent	`Script.Trojan.Generic.Vgil`
TrendMicro	`HEUR_VBS.DL1`
TrendMicro-HouseCall	`HEUR_VBS.DL1`
VIPRE	`Generic.XPL.ADODB.54E1E581`
Yandex	`HTML.Psyme.Gen`
ZoneAlarm	`Mal/Psyme-A`
alibabacloud	`Trojan:Win/XPL.AFX!G`

61cab707c0869212b0ee…

Erkannt: 18/76 (23.7%) – Trojan.GenericKD.79840283

Erkennende Engines (18):

Engine	Name
\| Arcabit	`Trojan.Generic.D4C2441B`
BitDefender 🛡️	`Trojan.GenericKD.79840283`
Bkav	`W64.AIDetectMalware`
CTX	`exe.trojan.generic`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
Elastic	`malicious (high confidence)`
Emsisoft	`Trojan.GenericKD.79840283 (B)`
GData	`Trojan.GenericKD.79840283`
Kaspersky	`VHO:Trojan.Win32.Agent.gen`
McAfeeD	`ti!61CAB707C086`
MicroWorld-eScan	`Trojan.GenericKD.79840283`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Sangfor	`Trojan.Win32.Agent.V2js`
Sophos	`Mal/Generic-S`
TrellixENS	`Artemis!EC60EB2DC085`
VIPRE	`Trojan.GenericKD.79840283`

604697c8a05c31f1135e…

Erkannt: 2/76 (2.6%) – Trojan[Backdoor]/Linux.Mirai

Erkennende Engines (2):

Engine	Name
\| Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
SentinelOne	`Static AI - Suspicious ELF`

ae9922b4b6ad2cfae21a…

Erkannt: 25/75 (33.3%) – Backdoor.Linux.BASHLITE.SMJC

Erkennende Engines (25):

Engine	Name
\| AVG	`ELF:Mirai-CFS [Trj]`
AhnLab-V3	`Linux/Cve-2018-10088.Gen`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast	`ELF:Mirai-CFS [Trj]`
Avast-Mobile	`ELF:Mirai-CQP [Trj]`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9810`
Fortinet	`ELF/Condi.CDB!tr.botnet`
GData	`Linux.Trojan.Gafgyt.B`
Google	`Detected`
Ikarus	`Trojan.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.gk`
Kingsoft	`Linux.Backdoor.Mirai.gk`
Lionic	`Trojan.Linux.Mirai.K!c`
McAfeeD	`Trojan:Linux/Mirai.EFZ`
Microsoft 🛡️	`Backdoor:Linux/Gafgyt.AW!xp`
Rising	`Backdoor.Mirai/Linux!1.13097 (CLASSIC)`
Sangfor	`Backdoor.Linux.Mirai.Vf61`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Backdoor.Linux.Mirai.had`
TrendMicro	`Backdoor.Linux.BASHLITE.SMJC`
TrendMicro-HouseCall	`Backdoor.Linux.BASHLITE.SMJC`
Varist	`E32/Mirai.AT.gen!Eldorado`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.hk`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 12:44 \| [69b641635a37…](https://bazaar.abuse.ch/sample/69b641635a37fd961410402f8c7e66bd072d51e26f9a6be7d03f185eb344f746/)	`hta`
\| 12:40 \| [17ef90287357…](https://bazaar.abuse.ch/sample/17ef90287357375f65849773176f5da3490080403170ccbdaa1358f3db767d15/)	`exe`
\| 12:38 \| [61cab707c086…](https://bazaar.abuse.ch/sample/61cab707c0869212b0ee594da70e668821803db6e9fcb3a3ec8a414dbe80c63e/)	`exe`
\| 12:34 \| [255ad359962c…](https://bazaar.abuse.ch/sample/255ad359962cccd9b48e81c5ea98bb71e2f212ec175b731a2625314bcce7711c/)	`jar`
\| 12:02 \| [604697c8a05c…](https://bazaar.abuse.ch/sample/604697c8a05c31f1135e03c625fead61c11e3a1d4c03a7c721b292a196b26a89/)	`elf`

MITRE ATT&CK Taktiken

Mirai: 2 Samples
XPL: 1 Samples
RustyStealer: 1 Samples
SalatStealer: 1 Samples
Trojaner: 3 Samples
RAT: 1 Samples
Loader: 1 Samples
Infostealer: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 10:47 UTC – 14 neue Samples – 1 kritisch – unbekannt

Fri, 03 Apr 2026 10:47:00 +0000

Stand: 03.04.2026 10:47 UTC

Neue Samples dieser Session: 14

Risiko-Verteilung

🔴 Kritisch: 1
🟠 Hoch: 5
🟡 Mittel: 3
🟢 Niedrig: 6

Höchster Score: 80.7/100 (3f96d585497d116f…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

d906e3af0250cd073fc9…

Erkannt: 31/75 (41.3%) – Gen:Variant.Lazy.714084

Erkennende Engines (31):

Engine	Name
\| APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Formbook.X2183`
Arcabit	`Trojan.Lazy.DAE564`
BitDefender 🛡️	`Gen:Variant.Lazy.714084`
Bkav	`W32.AIDetectMalware.CS`
CTX	`exe.unknown.lazy`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Lazy.714084 (B)`
Fortinet	`MSIL/AgentTesla.I!tr`
GData	`Gen:Variant.Lazy.714084`
Google	`Detected`
Ikarus	`Trojan.MSIL.Crypt`
Kingsoft	`malware.kb.c.999`
Malwarebytes	`MachineLearning/Anomalous.97%`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`Trojan:Win/Vidar.TB`
MicroWorld-eScan	`Gen:Variant.Lazy.714084`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
SentinelOne	`Static AI - Malicious PE`
Sophos	`ML/PE-A`
Symantec	`ML.Attribute.HighConfidence`
Trapmine	`malicious.moderate.ml.score`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`Malware-Cryptor.MSIL.AgentTesla.Heur`
VIPRE	`Gen:Variant.Lazy.714084`
Varist	`W32/MSIL_Agent.KBL.gen!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.A`
huorong	`Trojan/MSIL.Injector.nj`

0be4b693eea4b551de00…

Erkannt: 44/75 (58.7%) – Gen:Heur.Mint.Zard.39

Erkennende Engines (44):

Engine	Name
\| APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Bot]`
AhnLab-V3	`Trojan/Win.Phorpiex.R601456`
Alibaba	`Worm:Win32/Phorpiex.2848f50f`
Antiy-AVL	`Trojan/Win32.Patched`
Arcabit	`Trojan.Mint.Zard.39`
Avast	`Win32:MalwareX-gen [Bot]`
Avira	`HEUR/AGEN.1371853`
BitDefender 🛡️	`Gen:Heur.Mint.Zard.39`
Bkav	`W32.AIDetectMalware`
CTX	`exe.unknown.mint`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.DownLoader46.474`
ESET-NOD32	`Win32/Phorpiex_AGen.U worm`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Heur.Mint.Zard.39 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1371853`
Fortinet	`W32/Phorpiex.W!tr`
GData	`Gen:Heur.Mint.Zard.39`
Google	`Detected`
Ikarus	`Worm.Win32.Phorpiex`
K7AntiVirus	`EmailWorm ( 005df7d61 )`
K7GW	`EmailWorm ( 005df7d61 )`
Kaspersky	`VHO:Trojan-Dropper.Win32.Convagent.gen`
Kingsoft	`Win32.Trojan-Dropper.Convagent.gen`
Malwarebytes	`Spyware.Phorpiex`
McAfeeD	`ti!0BE4B693EEA4`
MicroWorld-eScan	`Gen:Heur.Mint.Zard.39`
Microsoft 🛡️	`Trojan:Win32/Phorpiex.BF!MTB`
Panda	`Trj/Genetic.gen`
Rising	`Trojan.Phorpiex!8.4A25 (TFE:5:UGGl9kuHmvK)`
SUPERAntiSpyware	`Trojan.Agent/Gen-Downloader`
Sangfor	`Trojan.Win32.Save.a`
SentinelOne	`Static AI - Suspicious PE`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.TrojanDropper.Phorpiex`
VIPRE	`Gen:Heur.Mint.Zard.39`
Varist	`W32/S-c70f2e64!Eldorado`
Xcitium	`TrojWare.Win32.Injector.UOL@4q80ri`
alibabacloud	`Trojan:Win/Phorpiex.RK8PHU`
huorong	`Worm/Phorpiex.o`

11fbaa9f11fb195b7a2d…

Erkannt: 47/75 (62.7%) – Gen:Heur.Mint.Zard.39

Erkennende Engines (47):

Engine	Name
\| APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Bot]`
AhnLab-V3	`Trojan/Win.Phorpiex.R601456`
Alibaba	`Worm:Win32/Phorpiex.0ead172d`
Antiy-AVL	`Trojan/Win32.Patched`
Arcabit	`Trojan.Mint.Zard.39`
Avast	`Win32:MalwareX-gen [Bot]`
Avira	`HEUR/AGEN.1371853`
BitDefender 🛡️	`Gen:Heur.Mint.Zard.39`
Bkav	`W32.AIDetectMalware`
CTX	`exe.unknown.mint`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.DownLoader46.474`
ESET-NOD32	`Win32/Phorpiex_AGen.U worm`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Heur.Mint.Zard.39 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1371853`
Fortinet	`W32/Phorpiex.W!tr`
GData	`Gen:Heur.Mint.Zard.39`
Google	`Detected`
Ikarus	`Worm.Win32.Phorpiex`
K7AntiVirus	`EmailWorm ( 005df7d61 )`
K7GW	`EmailWorm ( 005df7d61 )`
Kaspersky	`VHO:Trojan-Dropper.Win32.Convagent.gen`
Kingsoft	`malware.kb.a.997`
Malwarebytes	`Spyware.Phorpiex`
McAfeeD	`ti!11FBAA9F11FB`
MicroWorld-eScan	`Gen:Heur.Mint.Zard.39`
Microsoft 🛡️	`Trojan:Win32/Phorpiex.BF!MTB`
Panda	`Trj/Genetic.gen`
Rising	`Trojan.Phorpiex!8.4A25 (TFE:5:UGGl9kuHmvK)`
SUPERAntiSpyware	`Trojan.Agent/Gen-Downloader`
Sangfor	`Trojan.Win32.Save.a`
SentinelOne	`Static AI - Suspicious PE`
Skyhigh	`Trojan-JBBB!0B7EA97CC371`
Symantec	`ML.Attribute.HighConfidence`
TrellixENS	`Trojan-JBBB!0B7EA97CC371`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.TrojanDropper.Phorpiex`
VIPRE	`Gen:Heur.Mint.Zard.39`
Varist	`W32/S-c70f2e64!Eldorado`
Xcitium	`TrojWare.Win32.Injector.UOL@4q80ri`
alibabacloud	`Trojan:Win/Phorpiex.RK8PHU`
huorong	`Worm/Phorpiex.o`

7754fc3ae79dd10fdb5f…

Erkannt: 33/75 (44.0%) – Trojan.MSIL.Basic.8.Gen

Erkennende Engines (33):

Engine	Name
\| APEX	`Malicious`
AVG	`MalwareX-gen [Rat]`
AhnLab-V3	`Trojan/Win.Formbook.X2183`
Alibaba	`Backdoor:Win32/MalwareX.acff67ca`
Antiy-AVL	`Trojan/MSIL.AgentTesla`
Arcabit	`Trojan.MSIL.Basic.8.Gen`
Avast	`MalwareX-gen [Rat]`
BitDefender 🛡️	`Trojan.MSIL.Basic.8.Gen`
Bkav	`W32.AIDetectMalware.CS`
CTX	`exe.trojan.basic`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
Elastic	`malicious (high confidence)`
Emsisoft	`Trojan.MSIL.Basic.8.Gen (B)`
Fortinet	`MSIL/AgentTesla.I!tr`
GData	`Trojan.MSIL.Basic.8.Gen`
Google	`Detected`
Ikarus	`Trojan.MSIL.Crypt`
Kaspersky	`HEUR:Backdoor.MSIL.XWorm.gen`
Malwarebytes	`Malware.AI.3988672617`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`ti!7754FC3AE79D`
MicroWorld-eScan	`Trojan.MSIL.Basic.8.Gen`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
SentinelOne	`Static AI - Malicious PE`
Sophos	`ML/PE-A`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`Malware-Cryptor.MSIL.AgentTesla.Heur`
VIPRE	`Trojan.MSIL.Basic.8.Gen`
Varist	`W32/MSIL_Agent.KBL.gen!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.A`
huorong	`Trojan/MSIL.Injector.nj`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 10:46 \| [5940e5fbcb9f…](https://bazaar.abuse.ch/sample/5940e5fbcb9f26a53b3ce07017f14152166a172d80123454bc59af5b245d320e/)	`zip`
\| 10:29 \| [882f86120069…](https://bazaar.abuse.ch/sample/882f861200690ffc956dad07f185a088de7a480fc141bc03e7e7d1164d126624/)	`elf`
\| 10:27 \| [d906e3af0250…](https://bazaar.abuse.ch/sample/d906e3af0250cd073fc95562043bde0d89b86232765ccfab8ee0c2836642de78/)	`exe`
\| 10:27 \| [582a62508322…](https://bazaar.abuse.ch/sample/582a625083229573709b5df4f3d71b701759873df3eaff7ffe8ceec84c5828ec/)	`exe`
\| 10:25 \| [8efaa909572a…](https://bazaar.abuse.ch/sample/8efaa909572a4324b2f0072a419acf2dbdd1de8eff96a05708aed73f2bfed7be/)	`unknown`

MITRE ATT&CK Taktiken

Lazy: 1 Samples
ValleyRAT: 1 Samples
Phorpiex: 1 Samples
Mint: 1 Samples
DarkTortilla: 1 Samples
SalatStealer: 1 Samples
Loader: 3 Samples
Trojaner: 2 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 09:00 UTC – 24 neue Samples – 4 kritisch – unbekannt

Fri, 03 Apr 2026 09:00:00 +0000

Stand: 03.04.2026 09:00 UTC

Neue Samples dieser Session: 24

Risiko-Verteilung

🔴 Kritisch: 4
🟠 Hoch: 3
🟡 Mittel: 13
🟢 Niedrig: 5

Höchster Score: 83.3/100 (5c5ec5d6dfd71e58…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

4e5777574f81eadada40…

Erkannt: 24/75 (32.0%) – FileRepMalware [Misc]

Erkennende Engines (24):

Engine	Name
\| APEX	`Malicious`
AVG	`FileRepMalware [Misc]`
Avast	`FileRepMalware [Misc]`
Bkav	`W32.AIDetectMalware.CS`
CrowdStrike	`win/malicious_confidence_100% (W)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.PackedNET.3505`
Elastic	`malicious (high confidence)`
Fortinet	`MSIL/GenKryptik.GHWJ!tr`
Google	`Detected`
Ikarus	`Trojan.MSIL.Crypt`
Kaspersky	`UDS:Trojan.MSIL.PowerShell.gen`
Malwarebytes	`Trojan.MalPack.GS`
McAfeeD	`Trojan:Win/GenericPack.BMP`
Microsoft 🛡️	`Trojan:Win32/Sonbokli.A!cl`
Paloalto	`generic.ml`
Rising	`Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:eNdaTr1z2BbFtnKG3c6KVw)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`Scr.Malcode!gdn34`
Varist	`W32/MSIL_Agent.JZL.gen!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.A`
Webroot	`Win.Malware.Gen`

e20f675c8df2bf4abbe8…

Erkannt: 39/75 (52.0%) – Application.Generic.4495641

Erkennende Engines (39):

Engine	Name
\| AVG	`ELF:Agent-CXA [Trj]`
AhnLab-V3	`CoinMiner/Linux.Agent.30304472`
Antiy-AVL	`Trojan/Linux.Multiverze`
Arcabit	`Application.Generic.D449919`
Avast	`ELF:Agent-CXA [Trj]`
Avira	`EXP/ELF.Coinminer.A`
BitDefender 🛡️	`Application.Generic.4495641`
CTX	`elf.trojan.generic`
ClamAV	`Unix.Trojan.Coinminer-10007864-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Siggen.8622`
ESET-NOD32	`Linux/CoinMiner.ABF trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Application.Generic.4495641 (B)`
F-Secure	`Exploit.EXP/ELF.Coinminer.A`
Fortinet	`Adware/Miner`
GData	`Application.Generic.4495641`
Google	`Detected`
Ikarus	`Trojan.Linux.Generic`
Jiangmin	`Trojan.Linux.dsm`
Kaspersky	`HEUR:Trojan.Linux.Miner.gen`
Kingsoft	`Linux.Trojan.Miner.gen`
Lionic	`Trojan.Linux.Miner.4!c`
McAfeeD	`Trojan:Linux/Multiverze.EAB`
MicroWorld-eScan	`Application.Generic.4495641`
Microsoft 🛡️	`Trojan:Linux/Multiverze!rfn`
Panda	`ELF/TrojanGen.A`
Rising	`HackTool.NBMiner/Linux!1.E357 (CLASSIC)`
SentinelOne	`Static AI - Suspicious ELF`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.NPE`
Tencent	`Risktool.Linux.Miner.ck`
TrendMicro	`TROJ_GEN.R002C0DL925`
VBA32	`Trojan.Linux.Agent`
VIPRE	`Application.Generic.4495641`
Varist	`E64/ABMiner.HJMQ-2`
Zillya	`Trojan.252279.Linux.1`
alibabacloud	`Trojan:Linux/Sshscan.X`
huorong	`Trojan/Linux.CoinMiner.ah`

db1576a9cb41e351930b…

Erkannt: 52/75 (69.3%) – Gen:Heur.Variadic.Prometei.A

Erkennende Engines (52):

Engine	Name
\| APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Trj]`
AhnLab-V3	`Backdoor/Win.VARIADIC.C5802651`
Alibaba	`Trojan:Win32/Prometei.b433f576`
Antiy-AVL	`Trojan/Win32.Prometei`
Arcabit	`Trojan.Variadic.Prometei.A`
Avast	`Win32:MalwareX-gen [Trj]`
BitDefender 🛡️	`Gen:Heur.Variadic.Prometei.A`
Bkav	`W32.Common.6094E86E`
CAT-QuickHeal	`Trojan.IGENERIC`
CTX	`exe.trojan.prometei`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win32/Agent.VSN trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Heur.Variadic.Prometei.A (B)`
Fortinet	`W32/Agent.VSN!tr`
GData	`Gen:Heur.Variadic.Prometei.A`
Google	`Detected`
Ikarus	`Trojan.Win32.Agent`
K7AntiVirus	`Trojan ( 005cf5171 )`
K7GW	`Trojan ( 005cf5171 )`
Kaspersky	`HEUR:Trojan.Win32.Prometei.gen`
Kingsoft	`malware.kb.a.958`
Lionic	`Trojan.Win32.Prometei.4!c`
Malwarebytes	`Backdoor.Prometei`
MaxSecure	`Trojan.Malware.327802953.susgen`
McAfeeD	`Trojan:Win/Prometei.P`
MicroWorld-eScan	`Gen:Heur.Variadic.Prometei.A`
Microsoft 🛡️	`Trojan:Win32/NetWalker!AMTB`
Paloalto	`generic.ml`
Panda	`Trj/Agent.RP`
Rising	`Worm.Prometei!1.DBE9 (CLASSIC)`
Sangfor	`Trojan.Win32.Prometei.Vqf4`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Malware.Win32.Gencirc.14a793c8`
Trapmine	`malicious.moderate.ml.score`
TrellixENS	`Generic Trojan.obx`
TrendMicro	`Trojan.Win32.PROMETEI.I`
TrendMicro-HouseCall	`Trojan.Win32.PROMETEI.I`
VBA32	`BScope.Backdoor.Prometei`
VIPRE	`Gen:Heur.Variadic.Prometei.A`
Varist	`W32/ABTrojan.LUNK-4636`
VirIT	`Trojan.Win32.GenusC.JAV`
Xcitium	`Malware@#tad7t4hlgwfe`
Yandex	`Trojan.Prometei!j+o1Jbungjw`
Zillya	`Trojan.Agent.Win32.4339113`
alibabacloud	`Miner:Win/Prometei.gyf`
huorong	`Worm/Prometei.a`

34e9982ee33cd630b7a9…

Erkannt: 25/75 (33.3%) – Trojan.Generic.39479027

Erkennende Engines (25):

Engine	Name
\| Arcabit	`Trojan.Generic.D25A66F3`
BitDefender 🛡️	`Trojan.Generic.39479027`
CTX	`elf.trojan.prometei`
Cynet	`Malicious (score: 99)`
ESET-NOD32	`Linux/Prometei.C trojan`
Emsisoft	`Trojan.Generic.39479027 (B)`
Fortinet	`Linux/Prometei.C!tr`
GData	`Trojan.Generic.39479027`
Google	`Detected`
Ikarus	`Trojan.Linux.Prometei`
Kaspersky	`HEUR:Trojan.Linux.Agent.gen`
Lionic	`Trojan.Linux.Prometei.4!c`
MicroWorld-eScan	`Trojan.Generic.39479027`
Microsoft 🛡️	`Trojan:Linux/Multiverze!rfn`
Rising	`Trojan.Prometei/Linux!8.132EB (CLOUD)`
Sangfor	`Trojan.Linux.Prometei.Vhfo`
SentinelOne	`Static AI - Suspicious ELF`
Sophos	`Mal/Generic-S`
Symantec	`Meterpreter`
Tencent	`Malware.Linux.Generic.1c043738`
TrendMicro-HouseCall	`TROJ_GEN.R002H09AI26`
VIPRE	`Trojan.Generic.39479027`
Varist	`E64/ABTrojan.MGMU-`
alibabacloud	`Miner:Win/Prometei.C`
huorong	`Trojan/Prometei.d`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 08:46 \| [db4973d86588…](https://bazaar.abuse.ch/sample/db4973d865880696e334cd7ce2a7ff7255c24b9921dd526280bd1de6bb03753e/)	`zip`
\| 08:42 \| [8d76a3dbb53c…](https://bazaar.abuse.ch/sample/8d76a3dbb53c4750cd0c699011ddad9c5f595ab2ebb2d6d70fbb6b061bcdcb02/)	`exe`
\| 08:42 \| [d64bc0975e32…](https://bazaar.abuse.ch/sample/d64bc0975e32b85b1d5f927f62cbeb56316ceebad70a78bbf233f515d3067c06/)	`ps1`
\| 08:42 \| [63fa8cd20986…](https://bazaar.abuse.ch/sample/63fa8cd20986bc21a1a54ecb9db2dfe0db9618a3f0917e46d44f64317e7213b8/)	`ps1`
\| 08:34 \| [4fe1a58eba35…](https://bazaar.abuse.ch/sample/4fe1a58eba35e2e861aa508d45ea5d572e0529587bb1a9000875dbddf7f59bf9/)	`exe`

MITRE ATT&CK Taktiken

AgentTesla: 4 Samples
Prometei: 4 Samples
PhantomStealer: 1 Samples
ValleyRAT: 1 Samples
SalatStealer: 1 Samples
Trojaner: 5 Samples
Infostealer: 1 Samples
RAT: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 07:15 UTC – 5 neue Samples – 2 kritisch – unbekannt

Fri, 03 Apr 2026 07:15:00 +0000

Stand: 03.04.2026 07:15 UTC

Neue Samples dieser Session: 5

Risiko-Verteilung

🔴 Kritisch: 2
🟠 Hoch: 3
🟡 Mittel: 1
🟢 Niedrig: 0

Höchster Score: 78.9/100 (3fafbee7a3b7259d…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

3ab9575225e00a83a4ac…

Erkannt: 45/75 (60.0%) – Generic.Ransom.BlackByte.A.33484396

Erkennende Engines (45):

Engine	Name
\| AVG	`Win64:MalwareX-gen [Misc]`
Alibaba	`Ransom:Win64/GENTLEMAN.15edde0a`
Antiy-AVL	`Trojan[Ransom]/Win64.Agent`
Arcabit	`Generic.Ransom.BlackByte.A.D1FEEE6C`
Avast	`Win64:MalwareX-gen [Misc]`
Bkav	`W64.AIDetectMalware`
CAT-QuickHeal	`Trojan.Ghanarava.17751157510c4a5b`
CTX	`exe.ransomware.filecoder`
ClamAV	`Win.Tool.Garble-10044180-0`
CrowdStrike	`win/malicious_confidence_90% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Filecoder.Gentlemen.A trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Generic.Ransom.BlackByte.A.33484396 (B)`
GData	`Generic.Ransom.BlackByte.A.33484396`
Google	`Detected`
Ikarus	`Trojan-Ransom.FileCrypter`
K7AntiVirus	`Ransomware ( 005ce6fe1 )`
K7GW	`Ransomware ( 005ce6fe1 )`
Kaspersky	`HEUR:Trojan-Ransom.Win64.Generic`
Kingsoft	`Win64.Trojan-Ransom.Generic.a`
Lionic	`Trojan.Win32.BlackByte.j!c`
Malwarebytes	`Ransom.Filecoder`
McAfeeD	`ti!3AB9575225E0`
MicroWorld-eScan	`Generic.Ransom.BlackByte.A.33484396`
Microsoft 🛡️	`Ransom:Win64/Gentlemen.B`
Paloalto	`generic.ml`
Rising	`Ransom.Gentlemen!1.139D2 (CLASSIC)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Suspicious PE`
Sophos	`Troj/Gentlem-A`
Symantec	`Trojan Horse`
Tencent	`Malware.Win32.Gencirc.14a2d5fb`
TrendMicro	`Ransom.Win64.GENTLEMAN.SMPI.go`
TrendMicro-HouseCall	`TROJ_GEN.R002H09JJ25`
VBA32	`Trojan.Wacatac`
VIPRE	`Generic.Ransom.BlackByte.A.33484396`
Varist	`W64/Filecoder.NH.gen!Eldorado`
ViRobot	`Trojan.Win.Z.Ransom.2962944.A`
Zillya	`Trojan.Generic.Win64.1326`
ZoneAlarm	`Troj/Gentlem-A`
alibabacloud	`Ransomware:Win/Wacatac.B9nj`
huorong	`Ransom/Filecoder.cv`

3fafbee7a3b7259db3cb…

Erkannt: 27/75 (36.0%) – Gen:Variant.Trojan.Linux.Gafgyt.8

Erkennende Engines (27):

Engine	Name
\| AVG	`ELF:Agent-DMP [Trj]`
AhnLab-V3	`Linux/Gafgyt.Gen15`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Trojan.Linux.Gafgyt.8`
Avast	`ELF:Agent-DMP [Trj]`
Avast-Mobile	`ELF:Agent-DMP [Trj]`
BitDefender 🛡️	`Gen:Variant.Trojan.Linux.Gafgyt.8`
CTX	`elf.trojan.gafgyt`
ClamAV	`Unix.Dropper.Mirai-7135872-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9821`
ESET-NOD32	`Linux/Mirai.AXA trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Gen:Variant.Trojan.Linux.Gafgyt.8 (B)`
Fortinet	`ELF/Mirai.9821!tr`
GData	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Google	`Detected`
Kaspersky	`HEUR:Backdoor.Linux.Gafgyt.fj`
MicroWorld-eScan	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Microsoft 🛡️	`Backdoor:Linux/Gafgyt.BA!xp`
Rising	`Backdoor.Mirai/Linux!1.130E7 (CLASSIC)`
Skyhigh	`Linux/Mirai.cx`
Tencent	`Trojan.Linux.Mirai.nk`
TrellixENS	`Linux/Mirai.cx`
VIPRE	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Varist	`E32/Mirai.EI.gen!Eldorado`
huorong	`Trojan/Linux.Mirai.f`

a231b7617c57c8d17d35…

Erkannt: 43/75 (57.3%) – Trojan.Generic.39667944

Erkennende Engines (43):

Engine	Name
\| AVG	`ELF:CVE-2017-17215-A [Expl]`
AhnLab-V3	`Linux/Mirai.Gen`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Generic.D25D48E8`
Avast	`ELF:CVE-2017-17215-A [Expl]`
Avast-Mobile	`ELF:Mirai-UM [Trj]`
Avira	`EXP/ELF.Gafgyt.X`
BitDefender 🛡️	`Trojan.Generic.39667944`
CTX	`elf.trojan.mirai`
ClamAV	`Unix.Dropper.Mirai-7135965-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9838`
ESET-NOD32	`Linux/Mirai.B trojan`
Elastic	`Linux.Trojan.Gafgyt`
Emsisoft	`Trojan.Generic.39667944 (B)`
F-Secure	`Exploit.EXP/ELF.Gafgyt.X`
Fortinet	`Linux/Mirai.B!tr`
GData	`Linux.Trojan.Mirai.D`
Google	`Detected`
Ikarus	`Linux.Mirai`
K7GW	`Trojan ( 0040f0271 )`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.ew`
Kingsoft	`Linux.Backdoor.elf.2023519`
Lionic	`Trojan.Linux.Mirai.K!c`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/GenericY.HP`
MicroWorld-eScan	`Trojan.Generic.39667944`
Microsoft 🛡️	`Backdoor:Linux/Gafgyt.AW!xp`
Rising	`Backdoor.Mirai/Linux!1.106E5 (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Linux/Mirai!E657F7CDC77D`
Sophos	`Linux/DDoS-CIA`
Symantec	`Linux.Mirai`
Tencent	`Trojan.Linux.Mirai.blf`
TrellixENS	`Linux/Mirai!E657F7CDC77D`
TrendMicro	`Trojan.Linux.MIRAI.SMMR1`
TrendMicro-HouseCall	`Trojan.Linux.MIRAI.SMMR1`
VIPRE	`Trojan.Generic.39667944`
Varist	`E32/Mirai.EN.gen!Camelot`
ZoneAlarm	`Linux/DDoS-CIA`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Backdoor/Linux.Mirai.da`

62eb5f17ab59b57daf42…

Erkannt: 9/75 (12.0%) – W64.AIDetectMalware

Erkennende Engines (9):

Engine	Name
\| APEX	`Malicious`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_70% (D)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Kryptik.GQN trojan`
Elastic	`malicious (high confidence)`
Kaspersky	`HEUR:Trojan.Win64.OffensiveGolang.gen`
McAfeeD	`ti!62EB5F17AB59`
Microsoft 🛡️	`Trojan:Win32/Phonzy.B!ml`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 06:49 \| [810926f89430…](https://bazaar.abuse.ch/sample/810926f89430144fd258ed4a95f1d77215f657a4e7dac2ce0c410bcffbdca99e/)	`apk`
\| 06:49 \| [3ab9575225e0…](https://bazaar.abuse.ch/sample/3ab9575225e00a83a4ac2b534da5a710bdcf6eb72884944c437b5fbe5c5c9235/)	`exe`
\| 06:22 \| [3fafbee7a3b7…](https://bazaar.abuse.ch/sample/3fafbee7a3b7259db3cb16b1ea7ebf7c12a61ced08e8f71c5e85258090d8b6cf/)	`elf`
\| 06:10 \| [a231b7617c57…](https://bazaar.abuse.ch/sample/a231b7617c57c8d17d3552579e4cd14b82aa112c632ec830643a9bde2034a1f2/)	`elf`
\| 05:49 \| [62eb5f17ab59…](https://bazaar.abuse.ch/sample/62eb5f17ab59b57daf4270d5bb25ab109f23f13ce8a62f45bc2ee2bb84d5507f/)	`exe`

MITRE ATT&CK Taktiken

Ransom: 1 Samples
Gafgyt: 1 Samples
Mirai: 1 Samples
AIDetectMalware: 1 Samples
SalatStealer: 1 Samples
Ransomware: 1 Samples
Loader: 1 Samples
Trojaner: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 05:44 UTC – 23 neue Samples – 10 kritisch – unbekannt

Fri, 03 Apr 2026 05:44:00 +0000

Stand: 03.04.2026 05:44 UTC

Neue Samples dieser Session: 23

Risiko-Verteilung

🔴 Kritisch: 10
🟠 Hoch: 3
🟡 Mittel: 6
🟢 Niedrig: 5

Höchster Score: 90.2/100 (bbe32a257e3aefb4…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

912fcd1ba138a8af6ada…

Erkannt: 34/75 (45.3%) – Trojan ( 005d073f1 )

Erkennende Engines (34):

Engine	Name
\| AVG	`MalwareX-gen [Misc]`
Alibaba	`Packed:Win32/Obfuscated_AGen.90f1a20b`
Antiy-AVL	`Trojan/Win32.Agent`
Avast	`MalwareX-gen [Misc]`
Bkav	`W64.AIDetectMalware`
CAT-QuickHeal	`Trojan.Ghanarava.1775122817721b46`
CTX	`exe.trojan.crystalx`
ClamAV	`Win.Tool.Garble-10044180-0`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Packed.Obfuscated_AGen.G suspicious application`
Elastic	`malicious (moderate confidence)`
Fortinet	`Riskware/Application`
Google	`Detected`
K7AntiVirus	`Trojan ( 005d073f1 )`
K7GW	`Trojan ( 005d073f1 )`
Kaspersky	`Backdoor.Win64.CrystalX.a`
Lionic	`Trojan.Win32.CrystalX.m!c`
Malwarebytes	`Malware.AI.2435949615`
MaxSecure	`Trojan.Malware.324995110.susgen`
McAfeeD	`Trojan:Win/GenericY.GLP`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Backdoor.CrystalX!8.1DB44 (LESS:bWQ1OhpormFPstiHXLBXPmpyG0Y)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`BehavesLike.Win64.Trojan.rh`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
TrellixENS	`Artemis!1A68AE614FB2`
Varist	`W64/ABApplication.ONMQ-0157`
alibabacloud	`VirTool:Multi/Wacatac.C9nj`

cf0c14da713bd05284be…

Erkannt: 38/75 (50.7%) – Gen:Variant.Application.Tedy.52989

Erkennende Engines (38):

Engine	Name
\| AVG	`Win64:MalwareX-gen [Misc]`
AhnLab-V3	`Malware/Win.MalwareX-gen.R765288`
Alibaba	`HackTool:Win32/Inject.f56cc561`
Antiy-AVL	`HackTool/Win32.Inject`
Arcabit	`Trojan.Application.Tedy.DCEFD`
Avast	`Win64:MalwareX-gen [Misc]`
BitDefender 🛡️	`Gen:Variant.Application.Tedy.52989`
CAT-QuickHeal	`Trojan.Ghanarava.17751729419cdd85`
CTX	`dll.hacktool.inject`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/PSW.Agent.QR trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Application.Tedy.52989 (B)`
Fortinet	`Adware/Agent`
GData	`Gen:Variant.Application.Tedy.52989`
Google	`Detected`
Ikarus	`Trojan-PSW.Agent`
K7AntiVirus	`Password-Stealer ( 005ce9db1 )`
K7GW	`Password-Stealer ( 005ce9db1 )`
Kaspersky	`UDS:HackTool.Win32.Inject.heur`
Kingsoft	`Win32.HackTool.Inject.heur`
Lionic	`Hacktool.Win32.Stealer.3!c`
Malwarebytes	`Malware.AI.3591674496`
McAfeeD	`ti!CF0C14DA713B`
MicroWorld-eScan	`Gen:Variant.Application.Tedy.52989`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Stealer.Chrome!1.13517 (CLASSIC)`
Sophos	`Generic Reputation PUA (PUA)`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Malware.Win32.Gencirc.14abb958`
TrellixENS	`Artemis!883CB0AF93A2`
VIPRE	`Gen:Variant.Application.Tedy.52989`
Varist	`W64/ABApplication.NQEJ-9295`
Zillya	`Trojan.Agent.Win64.179136`
alibabacloud	`HackTool:Win/Wacatac.B9nj`

437816447dd69f712003…

Erkannt: 11/75 (14.7%) – MalwareX-gen [Drp]

Erkennende Engines (11):

Engine	Name
\| APEX	`Malicious`
AVG	`MalwareX-gen [Drp]`
Avast	`MalwareX-gen [Drp]`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_60% (D)`
Cynet	`Malicious (score: 99)`
ESET-NOD32	`Win64/Agent_AGen.MKO trojan`
Microsoft 🛡️	`Trojan:Win32/Malgent!MSR`
Paloalto	`generic.ml`
Rising	`Backdoor.Lotok!8.111D5 (CLOUD)`
huorong	`HVM:Backdoor/Lotok.ct`

c0a738bc221d179d7883…

Erkannt: 22/75 (29.3%) – FileRepMalware [Drp]

Erkennende Engines (22):

Engine	Name
\| APEX	`Malicious`
AVG	`FileRepMalware [Drp]`
Avast	`FileRepMalware [Drp]`
ClamAV	`Win.Malware.Generic-9867923-0`
CrowdStrike	`win/malicious_confidence_60% (D)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`JS/Agent.UFG trojan`
Elastic	`malicious (moderate confidence)`
GData	`Archive.Trojan.Agent.1ZJUJH`
Ikarus	`Trojan.JS.Agent`
McAfeeD	`ti!C0A738BC221D`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Agent/JS!8.11351 (CLOUD)`
Sangfor	`Trojan.Win32.Silverfox.Cont`
Skyhigh	`Artemis`
Sophos	`Mal/Generic-S`
Symantec	`JS.Redirector`
Tencent	`Win32.Trojan.Generic.Uylw`
Varist	`ABRisk.NSZV-7`
VirIT	`Trojan.Win32.Cryptic.CID`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 05:10 \| [b6e6dc4ff0e2…](https://bazaar.abuse.ch/sample/b6e6dc4ff0e24d915692b113a1f1414518503e92ff21a394e9f38d1ca2ab4275/)	`exe`
\| 05:07 \| [bbe32a257e3a…](https://bazaar.abuse.ch/sample/bbe32a257e3aefb42f557ca65ae171faedb5718283801348e3ea990015ec2db9/)	`exe`
\| 05:06 \| [e08610b28e63…](https://bazaar.abuse.ch/sample/e08610b28e637679feaf243622adf3386a04bd24c915fe64c908d4d68b9fd203/)	`exe`
\| 05:06 \| [33d2ede41373…](https://bazaar.abuse.ch/sample/33d2ede41373ccb57c46aa7f608f7b8610cff511500eaa80c24427a1de11bcb0/)	`exe`
\| 05:05 \| [4049b11974d4…](https://bazaar.abuse.ch/sample/4049b11974d4b950885ae93bc9af3c9352b70a064b373fab60f4c99542f71b20/)	`exe`

MITRE ATT&CK Taktiken

LummaStealer: 2 Samples
Mirai: 1 Samples
Application: 1 Samples
SalatStealer: 1 Samples
Trojaner: 4 Samples
Backdoor: 4 Samples
Infostealer: 3 Samples
Loader: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 03.04.2026 02:40 UTC – 17 neue Samples – 8 kritisch – unbekannt

Fri, 03 Apr 2026 02:40:00 +0000

Stand: 03.04.2026 02:40 UTC

Neue Samples dieser Session: 17

Risiko-Verteilung

🔴 Kritisch: 8
🟠 Hoch: 6
🟡 Mittel: 2
🟢 Niedrig: 2

Höchster Score: 82.7/100 (2db76251333918e6…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

d5c71eced224608ee3d1…

Erkannt: 20/75 (26.7%) – Gen:Variant.Doina.119879

Erkennende Engines (20):

Engine	Name
\| APEX	`Malicious`
Arcabit	`Trojan.Doina.D1D447`
BitDefender 🛡️	`Gen:Variant.Doina.119879`
Bkav	`W64.AIDetectMalware`
CTX	`exe.unknown.doina`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Agent_AGen.MEZ trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Doina.119879 (B)`
GData	`Gen:Variant.Doina.119879`
MaxSecure	`Trojan.Malware.300983.susgen`
MicroWorld-eScan	`Gen:Variant.Doina.119879`
Microsoft 🛡️	`Trojan:Win32/Sabsik.EN.A!ml`
SentinelOne	`Static AI - Suspicious PE`
Symantec	`ML.Attribute.HighConfidence`
Trapmine	`suspicious.low.ml.score`
VIPRE	`Gen:Variant.Doina.119879`
huorong	`HVM:Trojan/W64.Loader.az`

87db3765294c73cd1f3d…

Erkannt: 46/76 (60.5%) – Gen:Variant.Zusy.594877

Erkennende Engines (46):

Engine	Name
\| ALYac	`Gen:Variant.Zusy.594877`
APEX	`Malicious`
AVG	`Win64:MalwareX-gen [Cryp]`
AhnLab-V3	`Malware/Win.Barys.R715254`
Alibaba	`Trojan:Win64/GenKryptik.b4927c61`
Arcabit	`Trojan.Zusy.D913BD`
Avast	`Win64:MalwareX-gen [Cryp]`
Avira	`HEUR/AGEN.1379366`
BitDefender 🛡️	`Gen:Variant.Zusy.594877`
Bkav	`W64.AIDetectMalware`
CAT-QuickHeal	`Trojan.Ghanarava.1755509914b32540`
CTX	`exe.trojan.agen`
CrowdStrike	`win/malicious_confidence_90% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`a variant of Win64/GenKryptik_AGen.AHT`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Zusy.594877 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1379366`
Fortinet	`W64/GenKryptik.WS!tr`
GData	`Gen:Variant.Zusy.594877`
Google	`Detected`
Ikarus	`Trojan.Win32.Generic`
K7AntiVirus	`Trojan ( 005c85f21 )`
K7GW	`Trojan ( 005c85f21 )`
Lionic	`Trojan.Win32.Generic.4!c`
Malwarebytes	`Malware.AI.2952065517`
McAfeeD	`ti!87DB3765294C`
MicroWorld-eScan	`Gen:Variant.Zusy.594877`
Microsoft 🛡️	`Trojan:Win64/Zusy.AOBB!MTB`
Paloalto	`generic.ml`
Panda	`Trj/Chgt.AD`
Rising	`Trojan.Kryptik!8.8 (TFE:5:BmYmpaK64bB)`
SentinelOne	`Static AI - Suspicious PE`
Skyhigh	`BehavesLike.Win64.Generic.wh`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Malware.Win32.Gencirc.149810b6`
TrellixENS	`Artemis!008174E5EE95`
TrendMicro	`TROJ_GEN.R002C0DH625`
TrendMicro-HouseCall	`TROJ_GEN.R002C0DH625`
VIPRE	`Gen:Variant.Zusy.594877`
Varist	`W64/ABTrojan.LDOB-6393`
alibabacloud	`Trojan:Win/GenKryptik_AGen.AJB`
huorong	`Trojan/Agent.cfs`

798dbfdbdd49ed89de9e…

Erkannt: 45/76 (59.2%) – Gen:Variant.Zusy.594877

Erkennende Engines (45):

Engine	Name
\| ALYac	`Gen:Variant.Zusy.594877`
APEX	`Malicious`
AhnLab-V3	`Malware/Win.Barys.R715254`
Alibaba	`Trojan:Win64/GenKryptik.e11f384f`
Antiy-AVL	`Trojan/Win64.GenKryptik`
Arcabit	`Trojan.Zusy.D913BD`
Avira	`HEUR/AGEN.1379366`
BitDefender 🛡️	`Gen:Variant.Zusy.594877`
Bkav	`W64.AIDetectMalware`
CAT-QuickHeal	`Trojan.Ghanarava.1768172614e778e3`
CTX	`exe.trojan.agen`
CrowdStrike	`win/malicious_confidence_90% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/GenKryptik_AGen.AZE trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Zusy.594877 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1379366`
Fortinet	`W64/GenKryptik_AGen.GL!tr`
GData	`Gen:Variant.Zusy.594877`
Google	`Detected`
Ikarus	`Trojan.Win32.Generic`
K7AntiVirus	`Trojan ( 005ce5ca1 )`
K7GW	`Trojan ( 005ce5ca1 )`
Lionic	`Trojan.Win32.Generic.4!c`
Malwarebytes	`Malware.AI.1114531687`
McAfeeD	`Trojan:Win/GenericY.DKF`
MicroWorld-eScan	`Gen:Variant.Zusy.594877`
Microsoft 🛡️	`Trojan:Win64/Zusy.AOBB!MTB`
Paloalto	`generic.ml`
Panda	`Trj/Chgt.AD`
Rising	`Trojan.Kryptik!8.8 (TFE:5:BmYmpaK64bB)`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`BehavesLike.Win64.Dropper.wh`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win64.Kryptik.16002199`
TrellixENS	`Artemis!4E81FC0F295C`
TrendMicro-HouseCall	`TROJ_GEN.R002C0DLS25`
VIPRE	`Gen:Variant.Zusy.594877`
Varist	`W64/ABTrojan.HONS-8181`
Zillya	`Trojan.GenKryptikAGen.Win64.5333`
alibabacloud	`Trojan:Win/GenKryptik_AGen.AJB`
huorong	`Trojan/Agent.cfs`

d5a6edb8c1ded3a8ba12…

Erkannt: 33/75 (44.0%) – Trojan.Generic.38697070

Erkennende Engines (33):

Engine	Name
\| AVG	`Win32:Malware-gen`
Arcabit	`Trojan.Generic.D24E786E`
Avast	`Win32:Malware-gen`
BitDefender 🛡️	`Trojan.Generic.38697070`
CAT-QuickHeal	`Trojan.Ghanarava.176774347655ebf3`
CTX	`exe.trojan.generic`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`PowerShell/TrojanDownloader.Agent.NFL trojan`
Emsisoft	`Trojan.Generic.38697070 (B)`
Fortinet	`PowerShell/Agent.NFL!tr.dldr`
GData	`Trojan.Generic.38697070`
Google	`Detected`
Ikarus	`Trojan-Downloader.PowerShell.Agent`
K7AntiVirus	`Trojan ( 005cc1451 )`
K7GW	`Trojan ( 005cc1451 )`
Lionic	`Trojan.Win32.PowerShell.4!c`
Malwarebytes	`Malware.AI.3888561486`
MaxSecure	`Trojan.Malware.408204096.susgen`
McAfeeD	`ti!D5A6EDB8C1DE`
MicroWorld-eScan	`Trojan.Generic.38697070`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Downloader.Agent/PS!8.1250D (CLOUD)`
Sangfor	`Downloader.Powershell.Agent.Vmgi`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win32.Trojan-Downloader.Downloader.Vimw`
TrellixENS	`Artemis!83DCBC78C12B`
VBA32	`Trojan.Wacatac`
VIPRE	`Trojan.Generic.38697070`
Varist	`W32/ABTrojan.OLGM-4151`
alibabacloud	`Trojan[downloader]:Win/Agent.N#A`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 01:49 \| [0748253bb84d…](https://bazaar.abuse.ch/sample/0748253bb84d8fd3277d926bee9aae97560c37921ccb3d1dbf3199fae3e62a20/)	`dll`
\| 01:07 \| [47f92d2b9a30…](https://bazaar.abuse.ch/sample/47f92d2b9a3091d80834f06dd54880f99936aa1337590d640478e23067ef6bff/)	`exe`
\| 00:33 \| [d5c71eced224…](https://bazaar.abuse.ch/sample/d5c71eced224608ee3d1a612a29108ea8719f3eb5511267e23755ae191224a16/)	`exe`
\| 00:32 \| [7c52867f025f…](https://bazaar.abuse.ch/sample/7c52867f025f47deb82cc3eb92588e0081e2bf7a2d463f1406a92f93286d6a3f/)	`exe`
\| 00:30 \| [2db762513339…](https://bazaar.abuse.ch/sample/2db76251333918e6bc5d8960aad6e2a2f7b8a01abaea32350c58530d3a818a8e/)	`elf`

MITRE ATT&CK Taktiken

Zusy: 2 Samples
OffLoader: 1 Samples
Doina: 1 Samples
Mirai: 1 Samples
SyncroRMM: 1 Samples
SalatStealer: 1 Samples
Trojaner: 8 Samples
Loader: 3 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 02.04.2026 22:36 UTC – 24 neue Samples – 9 kritisch – unbekannt

Thu, 02 Apr 2026 22:36:00 +0000

Stand: 02.04.2026 22:36 UTC

Neue Samples dieser Session: 24

Risiko-Verteilung

🔴 Kritisch: 9
🟠 Hoch: 8
🟡 Mittel: 3
🟢 Niedrig: 5

Höchster Score: 89.6/100 (5ddd3491dcc659e2…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

b769c834523acfc20854…

Erkannt: 49/75 (65.3%) – Trojan.GenericKD.79819792

Erkennende Engines (49):

Engine	Name
\| APEX	`Malicious`
AVG	`MalwareX-gen [Misc]`
AhnLab-V3	`Malware/Win.Kryptik.C5863809`
Antiy-AVL	`Trojan[PSW]/MSIL.Reline`
Arcabit	`Trojan.Generic.D4C1F410`
Avast	`MalwareX-gen [Misc]`
Avira	`HEUR/AGEN.1378475`
BitDefender 🛡️	`Trojan.GenericKD.79819792`
Bkav	`W32.AIDetectMalware.CS`
CTX	`exe.trojan.msil`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.Inject6.32641`
ESET-NOD32	`MSIL/Kryptik.APXM trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Trojan.GenericKD.79819792 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1378475`
Fortinet	`MSIL/Kryptik.APXM!tr`
GData	`Trojan.GenericKD.79819792`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Kryptik.sa`
Ikarus	`Trojan.MSIL.Inject`
K7AntiVirus	`Password-Stealer ( 005d00491 )`
K7GW	`Password-Stealer ( 005d00491 )`
Kaspersky	`HEUR:Trojan-Spy.MSIL.Noon.gen`
Kingsoft	`MSIL.Trojan-PSW.Reline.gen`
Lionic	`Trojan.Win32.Reline.i!c`
Malwarebytes	`Malware.AI.3151421693`
MaxSecure	`Trojan.Malware.328296147.susgen`
McAfeeD	`Trojan:Win/GenericPack.BMP`
MicroWorld-eScan	`Trojan.GenericKD.79819792`
Microsoft 🛡️	`Trojan:MSIL/DarkCloud.RVA!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:ooYTses7IH2AShzSJ5PfAQ)`
Sangfor	`Trojan.Msil.Agent.Vy8u`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`Scr.Malcode!gdn34`
Tencent	`Win32.Trojan.Generic.Fplw`
TrellixENS	`Artemis!0D1EEAE9E361`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`TrojanPSW.MSIL.Reline`
VIPRE	`Trojan.GenericKD.79819792`
Varist	`W32/MSIL_Kryptik.MUC2.ge!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.A`
Yandex	`Trojan.Igent.b6hByB.9`
alibabacloud	`Trojan[stealer]:MSIL/Wacatac.B9nj`

54a2d3b7976f1a643607…

Erkannt: 13/75 (17.3%) – FileRepMalware [Misc]

Erkennende Engines (13):

Engine	Name
\| AVG	`FileRepMalware [Misc]`
Avast	`FileRepMalware [Misc]`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_70% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
Elastic	`malicious (high confidence)`
Malwarebytes	`Malware.Heuristic.2108`
McAfeeD	`ti!54A2D3B7976F`
Sophos	`Generic Reputation PUA (PUA)`
Symantec	`ML.Attribute.HighConfidence`
Trapmine	`malicious.moderate.ml.score`
TrellixENS	`Artemis!C6FE518758F3`

7c995c884d4e3b0d3815…

Erkannt: 6/75 (8.0%) – W64.AIDetectMalware

Erkennende Engines (6):

Engine	Name
\| APEX	`Malicious`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_60% (W)`
Cynet	`Malicious (score: 100)`
Elastic	`malicious (high confidence)`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`

4920f87d77a06d39793d…

Erkannt: 14/75 (18.7%) – W64.AIDetectMalware

Erkennende Engines (14):

Engine	Name
\| AhnLab-V3	`Trojan/Win.MalwareX-gen.C5863950`
Bkav	`W64.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_90% (D)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/Kryptik.GQN trojan`
Elastic	`malicious (high confidence)`
Fortinet	`W64/Kryptik.GQN!tr`
Kaspersky	`HEUR:Trojan.Win64.OffensiveGolang.gen`
Kingsoft	`malware.kb.a.1000`
McAfeeD	`ti!4920F87D77A0`
Microsoft 🛡️	`Program:Win32/Wacapew.C!ml`
Rising	`Trojan.OffensiveGolang!8.1DAEC (TFE:5:HlvPF7KhYnN)`
SentinelOne	`Static AI - Suspicious PE`
Symantec	`ML.Attribute.HighConfidence`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 22:24 \| [2280cfb15d56…](https://bazaar.abuse.ch/sample/2280cfb15d560a94cddab186221fac94f967dfe7359d1c083bf66eab85380fbf/)	`exe`
\| 22:20 \| [5ddd3491dcc6…](https://bazaar.abuse.ch/sample/5ddd3491dcc659e208b08b8b9c430a34ac3ab9f909282c27fc7320b9f8f86e96/)	`exe`
\| 22:13 \| [e6a75864a1bb…](https://bazaar.abuse.ch/sample/e6a75864a1bb399feecd38c0045873f55259b4b7ea381cc559b6db2cc57965df/)	`unknown`
\| 22:09 \| [4cb529dd5cc5…](https://bazaar.abuse.ch/sample/4cb529dd5cc577efdf352e17fc8752c92c7b53d861acb9c89401ca2e66f0a329/)	`unknown`
\| 21:54 \| [42caae066664…](https://bazaar.abuse.ch/sample/42caae0666649bd94561b64d976c762bf990ca592f66eb13a68ca9ab3f3b825e/)	`exe`

MITRE ATT&CK Taktiken

Smoke Loader: 3 Samples
RustyStealer: 2 Samples
RedLineStealer: 1 Samples
QuasarRAT: 1 Samples
DCRat: 1 Samples
WraithBot: 1 Samples
AIDetectMalware: 1 Samples
SalatStealer: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 02.04.2026 20:40 UTC – 18 neue Samples – 2 kritisch – unbekannt

Thu, 02 Apr 2026 20:40:00 +0000

Stand: 02.04.2026 20:40 UTC

Neue Samples dieser Session: 18

Risiko-Verteilung

🔴 Kritisch: 2
🟠 Hoch: 14
🟡 Mittel: 3
🟢 Niedrig: 0

Höchster Score: 89.5/100 (8ef463592cbf5e37…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

ffb7c4765dad2e804e62…

Erkannt: 33/75 (44.0%) – Gen:Variant.Cerbu.241091

Erkennende Engines (33):

Engine	Name
\| APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Phorpiex.R693380`
Arcabit	`Trojan.Cerbu.D3ADC3`
Avira	`HEUR/Malware`
BitDefender 🛡️	`Gen:Variant.Cerbu.241091`
Bkav	`W32.AIDetectMalware`
CTX	`exe.unknown.cerbu`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.Siggen32.31362`
ESET-NOD32	`Win32/Phorpiex_AGen.BG worm`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Cerbu.241091 (B)`
F-Secure	`Heuristic.HEUR/Malware`
Fortinet	`W32/Phorpiex.BB!worm`
GData	`Gen:Variant.Cerbu.241091`
Google	`Detected`
Kaspersky	`HEUR:Trojan-Downloader.Win32.Agent.gen`
Kingsoft	`malware.kb.a.998`
McAfeeD	`ti!FFB7C4765DAD`
MicroWorld-eScan	`Gen:Variant.Cerbu.241091`
Microsoft 🛡️	`Trojan:Win32/Phorpiex.APX!MTB`
Rising	`Worm.Phorpiex!1.DF9C (CLASSIC)`
Sangfor	`Trojan.Win32.Agent.Amj6`
SentinelOne	`Static AI - Suspicious PE`
Symantec	`ML.Attribute.HighConfidence`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.TrojanDownloader.Agent`
VIPRE	`Gen:Variant.Cerbu.241091`
Varist	`W32/Mint.B.gen!Eldorado`
huorong	`TrojanDownloader/Agent.bms`

dce7346008cc7d308824…

Erkannt: 52/75 (69.3%) – Gen:Variant.Application.msilheracles.2895

Erkennende Engines (52):

Engine	Name
\| APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Drp]`
AhnLab-V3	`Malware/Win32.RL_Generic.C3558490`
Antiy-AVL	`Trojan[Backdoor]/MSIL.Crysan`
Arcabit	`Trojan.Application.msilheracles.DB4F`
Avast	`Win32:MalwareX-gen [Drp]`
Avira	`HEUR/AGEN.1305744`
BitDefender 🛡️	`Gen:Variant.Application.msilheracles.2895`
Bkav	`W32.AIDetectMalware.CS`
CAT-QuickHeal	`TrojanSpy.AsyncRAT.S15218964`
CTX	`exe.trojan.msil`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
DrWeb	`BackDoor.AsyncRATNET.2`
ESET-NOD32	`MSIL/AsyncRAT.A trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Application.msilheracles.2895 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1305744`
Fortinet	`MSIL/Agent.CFQ!tr`
GData	`MSIL.Trojan.PSE.16I8278`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.MSIL.AsyncRAT`
Jiangmin	`Backdoor.MSIL.gguk`
K7AntiVirus	`Trojan ( 005c228f1 )`
K7GW	`Trojan ( 005c228f1 )`
Kaspersky	`HEUR:Backdoor.MSIL.Crysan.gen`
Kingsoft	`malware.kb.c.1000`
Lionic	`Trojan.Win32.AsyncRAT.m!c`
Malwarebytes	`Generic.Trojan.MSIL.DDS`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Real Protect-LS!4EE795BBD011`
MicroWorld-eScan	`Gen:Variant.Application.msilheracles.2895`
Microsoft 🛡️	`Backdoor:MSIL/AsyncRat.AD!MTB`
Rising	`Trojan.AntiVM!1.CF63 (CLASSIC)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`Fareit-FZT!4EE795BBD011`
Sophos	`Troj/AsyncRat-C`
Tencent	`Win32.Trojan.Generic.Hmnw`
Trapmine	`suspicious.low.ml.score`
TrellixENS	`Fareit-FZT!4EE795BBD011`
TrendMicro	`Backdoor.MSIL.ASYNCRAT.SMXSR`
TrendMicro-HouseCall	`Backdoor.MSIL.ASYNCRAT.SMXSR`
VBA32	`OScope.Backdoor.MSIL.Crysan`
VIPRE	`Gen:Variant.Application.msilheracles.2895`
Varist	`W32/Samas.B.gen!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.A`
ZoneAlarm	`Troj/AsyncRat-C`
alibabacloud	`Rat:Win/AsyncRAT.Stub`
huorong	`Backdoor/Crysan.a`

5722bae97daf54f30f3f…

Erkannt: 53/75 (70.7%) – Gen:Variant.Application.msilheracles.2895

Erkennende Engines (53):

Engine	Name
\| APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Drp]`
AhnLab-V3	`Malware/Win32.RL_Generic.C3558490`
Antiy-AVL	`Trojan[Backdoor]/MSIL.Crysan`
Arcabit	`Trojan.Application.msilheracles.DB4F`
Avast	`Win32:MalwareX-gen [Drp]`
Avira	`HEUR/AGEN.1305744`
BitDefender 🛡️	`Gen:Variant.Application.msilheracles.2895`
Bkav	`W32.AIDetectMalware.CS`
CAT-QuickHeal	`Trojan.IgenericFC.S14890850`
CTX	`exe.trojan.msil`
ClamAV	`Win.Packed.Razy-9625918-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.Siggen9.56514`
ESET-NOD32	`MSIL/AsyncRAT.A trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Application.msilheracles.2895 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1305744`
Fortinet	`MSIL/AsyncRAT.A!tr`
GData	`MSIL.Trojan.PSE.16I8278`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Packed.sa`
Ikarus	`Trojan.MSIL.AsyncRAT`
Jiangmin	`Backdoor.MSIL.gguk`
K7AntiVirus	`Trojan ( 005c228f1 )`
K7GW	`Trojan ( 005c228f1 )`
Kaspersky	`HEUR:Backdoor.MSIL.Crysan.gen`
Kingsoft	`MSIL.Backdoor.Crysan.gen`
Lionic	`Trojan.Win32.AsyncRAT.m!c`
Malwarebytes	`Generic.Trojan.MSIL.DDS`
McAfeeD	`Real Protect-LS!EF9D4C47772F`
MicroWorld-eScan	`Gen:Variant.Application.msilheracles.2895`
Microsoft 🛡️	`Backdoor:MSIL/AsyncRat.AD!MTB`
Panda	`Trj/CI.A`
Rising	`Trojan.AntiVM!1.CF63 (CLASSIC)`
Sangfor	`Suspicious.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`Fareit-FZT!EF9D4C47772F`
Sophos	`Troj/AsyncRat-B`
Tencent	`Trojan.Msil.Agent.zap`
Trapmine	`suspicious.low.ml.score`
TrellixENS	`Fareit-FZT!EF9D4C47772F`
TrendMicro	`Backdoor.MSIL.ASYNCRAT.SMXSR`
TrendMicro-HouseCall	`Backdoor.MSIL.ASYNCRAT.SMXSR`
VBA32	`OScope.Backdoor.MSIL.Crysan`
VIPRE	`Gen:Variant.Application.msilheracles.2895`
Varist	`W32/Samas.B.gen!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.A`
ZoneAlarm	`Troj/AsyncRat-B`
alibabacloud	`Rat:Win/AsyncRAT.Stub`
huorong	`Backdoor/Crysan.a`

fe0184cd17b02eb0fb6b…

Erkannt: 40/75 (53.3%) – Gen:Variant.Lazy.710886

Erkennende Engines (40):

Engine	Name
\| APEX	`Malicious`
AVG	`Win32:Lumma-L [Pws]`
Arcabit	`Trojan.Lazy.DAD8E6`
Avast	`Win32:Lumma-L [Pws]`
Avira	`TR/Crypt.XPACK.Gen`
BitDefender 🛡️	`Gen:Variant.Lazy.710886`
Bkav	`W32.AIDetectMalware`
CTX	`exe.unknown.lazy`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.PWS.Lumma.1819`
Elastic	`Windows.Trojan.Lumma`
Emsisoft	`Gen:Variant.Lazy.710886 (B)`
F-Secure	`Trojan.TR/Crypt.XPACK.Gen`
GData	`Gen:Variant.Lazy.710886`
Google	`Detected`
Ikarus	`Trojan-Spy.Win32.LummaStealer`
K7AntiVirus	`Riskware ( 005cdebc1 )`
K7GW	`Riskware ( 005cdebc1 )`
Kaspersky	`UDS:Trojan-PSW.Win32.Lumma`
Lionic	`Trojan.Win32.Lumma.1u!c`
Malwarebytes	`Malware.AI.1048981095`
McAfeeD	`Real Protect-LS!2DDE8587106B`
MicroWorld-eScan	`Gen:Variant.Lazy.710886`
Microsoft 🛡️	`Trojan:Win32/LummaC.EATE!MTB`
NANO-Antivirus	`Virus.Win32.Gen.ccmw`
Panda	`Trj/Genetic.gen`
Rising	`Stealer.LummaC2!1.12843 (CLASSIC)`
Sangfor	`Infostealer.Win32.Lumma.Vpmv`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/EncPk-DW`
Trapmine	`malicious.high.ml.score`
TrellixENS	`Artemis!2DDE8587106B`
VIPRE	`Gen:Variant.Lazy.710886`
ZoneAlarm	`Mal/EncPk-DW`
alibabacloud	`Trojan[stealer]:Win/LummaC.EMBZ3DGW`
huorong	`HEUR:TrojanSpy/LummaStealer.a`
tehtris	`Generic.Malware`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 20:16 \| [aa074b990ef3…](https://bazaar.abuse.ch/sample/aa074b990ef39f77e3d07f2a3ead60e1d87b5c073ea6ec5e3760356d131cd15f/)	`exe`
\| 20:09 \| [cb8ed8faa43d…](https://bazaar.abuse.ch/sample/cb8ed8faa43d39df05659bd1396cc2d037401b386c05471b2ce9f0dfac86c711/)	`exe`
\| 20:09 \| [93a3412e427d…](https://bazaar.abuse.ch/sample/93a3412e427dbe3690a625219166d9e494593cd600932dface8584b3efe2b9ad/)	`exe`
\| 20:08 \| [981006af72be…](https://bazaar.abuse.ch/sample/981006af72be89f4b18b8b870aa77ea10a46a9373b621f655ba4a3c37cbfada1/)	`exe`
\| 20:08 \| [432c47f7cf9e…](https://bazaar.abuse.ch/sample/432c47f7cf9e99bd12f0403e6700f561d5070a6fd887faa6bf90957e7b231979/)	`exe`

MITRE ATT&CK Taktiken

CoinMiner: 3 Samples
Phorpiex: 2 Samples
AsyncRAT: 2 Samples
LummaStealer: 2 Samples
SyncroRMM: 1 Samples
SalatStealer: 1 Samples
Loader: 11 Samples
RAT: 2 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 02.04.2026 19:02 UTC – 33 neue Samples – 8 kritisch – unbekannt

Thu, 02 Apr 2026 19:02:00 +0000

Stand: 02.04.2026 19:02 UTC

Neue Samples dieser Session: 33

Risiko-Verteilung

🔴 Kritisch: 8
🟠 Hoch: 7
🟡 Mittel: 4
🟢 Niedrig: 15

Höchster Score: 89.3/100 (8bde0f38b2eafbdb…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

ebf93fa97159a29f88d1…

Erkannt: 5/75 (6.7%) – MalwareX-gen [Misc]

Erkennende Engines (5):

Engine	Name
\| AVG	`MalwareX-gen [Misc]`
AhnLab-V3	`Trojan/Win.Generic.C5863613`
Avast	`MalwareX-gen [Misc]`
ESET-NOD32	`Win64/Aotera.FI trojan`
Kaspersky	`VHO:Trojan.Win32.Agent.gen`

0c65c5d4d1d138293df6…

Erkannt: 45/75 (60.0%) – Gen:Heur.Mint.Zard.39

Erkennende Engines (45):

Engine	Name
\| APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Bot]`
AhnLab-V3	`Trojan/Win.Phorpiex.R601456`
Antiy-AVL	`Trojan[Dropper]/Win32.Phorpiex`
Arcabit	`Trojan.Mint.Zard.39`
Avast	`Win32:MalwareX-gen [Bot]`
Avira	`HEUR/AGEN.1371853`
BitDefender 🛡️	`Gen:Heur.Mint.Zard.39`
Bkav	`W32.AIDetectMalware`
CTX	`exe.unknown.mint`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.DownLoader46.744`
ESET-NOD32	`Win32/Phorpiex_AGen.U worm`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Heur.Mint.Zard.39 (B)`
F-Secure	`Heuristic.HEUR/AGEN.1371853`
Fortinet	`W32/Phorpiex.W!tr`
GData	`Gen:Heur.Mint.Zard.39`
Google	`Detected`
Ikarus	`Worm.Win32.Phorpiex`
K7AntiVirus	`EmailWorm ( 005df7d61 )`
K7GW	`EmailWorm ( 005df7d61 )`
Kingsoft	`malware.kb.a.999`
Malwarebytes	`Spyware.Phorpiex`
McAfeeD	`ti!0C65C5D4D1D1`
MicroWorld-eScan	`Gen:Heur.Mint.Zard.39`
Microsoft 🛡️	`Trojan:Win32/Phorpiex.BF!MTB`
Panda	`Trj/Genetic.gen`
Rising	`Worm.Phorpiex!8.48D (TFE:5:IzOidLQVDjU)`
SUPERAntiSpyware	`Trojan.Agent/Gen-Downloader`
Sangfor	`Trojan.Win32.Save.a`
SentinelOne	`Static AI - Suspicious PE`
Skyhigh	`Trojan-JBBB!C73287138DBD`
Symantec	`ML.Attribute.HighConfidence`
TrellixENS	`Trojan-JBBB!C73287138DBD`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.TrojanDropper.Phorpiex`
VIPRE	`Gen:Heur.Mint.Zard.39`
Varist	`W32/S-c70f2e64!Eldorado`
Xcitium	`TrojWare.Win32.Injector.UOL@4q80ri`
alibabacloud	`Trojan:Win/Phorpiex.RK8PHU`
huorong	`Worm/Phorpiex.o`

26541cd26b08929911ea…

Erkannt: 42/75 (56.0%) – Gen:Variant.Lazy.710886

Erkennende Engines (42):

Engine	Name
\| APEX	`Malicious`
AVG	`FileRepMalware [Spy]`
AhnLab-V3	`Trojan/Win.LummaStealer.R767222`
Arcabit	`Trojan.Lazy.DAD8E6`
Avast	`FileRepMalware [Spy]`
Avira	`TR/Crypt.XPACK.Gen`
BitDefender 🛡️	`Gen:Variant.Lazy.710886`
Bkav	`W32.AIDetectMalware`
CTX	`exe.unknown.lazy`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win32/Spy.LummaStealer_AGen.CZ trojan`
Elastic	`Windows.Trojan.Lumma`
Emsisoft	`Gen:Variant.Lazy.710886 (B)`
F-Secure	`Trojan.TR/Crypt.XPACK.Gen`
GData	`Gen:Variant.Lazy.710886`
Google	`Detected`
Ikarus	`Trojan-Spy.Win32.LummaStealer`
K7AntiVirus	`Riskware ( 005cdebc1 )`
K7GW	`Riskware ( 005cdebc1 )`
Kaspersky	`UDS:Trojan-PSW.Win32.Lumma`
Kingsoft	`Win32.Trojan-PSW.Lumma.gen`
Lionic	`Trojan.Win32.LummaStealer.i!c`
Malwarebytes	`Trojan.MalPack.Themida.Generic`
McAfeeD	`Real Protect-LS!B7776F9056E9`
MicroWorld-eScan	`Gen:Variant.Lazy.710886`
Microsoft 🛡️	`Trojan:Win32/LummaStealer.Z!MTB`
NANO-Antivirus	`Virus.Win32.Gen.ccmw`
Panda	`Trj/Genetic.gen`
Rising	`Stealer.LummaC2!1.12843 (CLASSIC)`
Sangfor	`Suspicious.Win32.Save.ins`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/EncPk-DW`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Win32.Trojan.Crypt.Itgl`
Trapmine	`malicious.high.ml.score`
VIPRE	`Gen:Variant.Lazy.710886`
ZoneAlarm	`Mal/EncPk-DW`
huorong	`HEUR:TrojanSpy/LummaStealer.a`
tehtris	`Generic.Malware`

4a86870712c9738c2782…

Erkannt: 28/75 (37.3%) – Gen:Variant.Trojan.Linux.Gafgyt.8

Erkennende Engines (28):

Engine	Name
\| AVG	`ELF:Mirai-AHC [Trj]`
AhnLab-V3	`Linux/Mirai.Gen15`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Trojan.Linux.Gafgyt.8`
Avast	`ELF:Mirai-AHC [Trj]`
Avast-Mobile	`ELF:Mirai-FY [Trj]`
Avira	`LINUX/Mirai.bonb`
BitDefender 🛡️	`Gen:Variant.Trojan.Linux.Gafgyt.8`
CTX	`elf.trojan.gafgyt`
ClamAV	`Unix.Trojan.Mirai-7100807-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9788`
Emsisoft	`Gen:Variant.Trojan.Linux.Gafgyt.8 (B)`
F-Secure	`Malware.LINUX/Mirai.bonb`
Fortinet	`ELF/Condi.CDB!tr.botnet`
GData	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Google	`Detected`
Gridinsoft	`Susp.U.XOREncoded.sd!yf`
Ikarus	`Backdoor.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.b`
McAfeeD	`Trojan:Linux/Mirai.EKD`
MicroWorld-eScan	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Microsoft 🛡️	`Backdoor:Linux/Mirai.BJ!MTB`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Tencent	`Backdoor.Linux.Mirai.cb`
VIPRE	`Gen:Variant.Trojan.Linux.Gafgyt.8`
huorong	`Trojan/Linux.Mirai.g`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 18:45 \| [ebf93fa97159…](https://bazaar.abuse.ch/sample/ebf93fa97159a29f88d1b04df6d55b7f485c86c7193d685a25e731c2f9f9aeeb/)	`exe`
\| 18:35 \| [1e5f4b305596…](https://bazaar.abuse.ch/sample/1e5f4b3055968c4c7ca140c4ffa06c318472481a1717a9887a62dc2a509859f8/)	`exe`
\| 18:15 \| [189af922b12f…](https://bazaar.abuse.ch/sample/189af922b12f73d17d9c1e169861f99b2bc9b57634fe5fbec76881ce57d20f0f/)	`jar`
\| 18:15 \| [1c84c50d8537…](https://bazaar.abuse.ch/sample/1c84c50d8537855b9c9f58a238d81d2077e65ebc32088c9afeaf2ed1a8badf30/)	`jar`
\| 18:14 \| [242f5497cb5d…](https://bazaar.abuse.ch/sample/242f5497cb5d2a3135834603ded729506fe11e61ba45451a2de134eb28668284/)	`jar`

MITRE ATT&CK Taktiken

LummaStealer: 2 Samples
Mirai: 2 Samples
CoinMiner: 1 Samples
Mint: 1 Samples
Heodo: 1 Samples
Stealc: 1 Samples
SalatStealer: 1 Samples
Loader: 7 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 02.04.2026 17:00 UTC – 48 neue Samples – 19 kritisch – unbekannt

Thu, 02 Apr 2026 17:00:00 +0000

Stand: 02.04.2026 17:00 UTC

Neue Samples dieser Session: 48

Risiko-Verteilung

🔴 Kritisch: 19
🟠 Hoch: 7
🟡 Mittel: 9
🟢 Niedrig: 14

Höchster Score: 88.9/100 (909a9da9a1f47e50…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

7ba205886073ee06a8fd…

Erkannt: 28/75 (37.3%) – Gen:Variant.Fragtor.926636

Erkennende Engines (28):

Engine	Name
\| APEX	`Malicious`
Arcabit	`Trojan.Fragtor.DE23AC`
Avira	`HEUR/Malware`
BitDefender 🛡️	`Gen:Variant.Fragtor.926636`
Bkav	`W32.AIDetectMalware`
CTX	`exe.unknown.fragtor`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 70)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win32/Phorpiex_AGen.BH worm`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Fragtor.926636 (B)`
F-Secure	`Heuristic.HEUR/Malware`
GData	`Gen:Variant.Fragtor.926636`
Google	`Detected`
Kaspersky	`HEUR:Trojan-Downloader.Win32.Agent.gen`
McAfeeD	`ti!7BA205886073`
MicroWorld-eScan	`Gen:Variant.Fragtor.926636`
Microsoft 🛡️	`Trojan:Win32/Phorpiex.APX!MTB`
Rising	`Worm.Phorpiex!1.DF9C (CLASSIC)`
SentinelOne	`Static AI - Suspicious PE`
Symantec	`ML.Attribute.HighConfidence`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.TrojanDownloader.Agent`
VIPRE	`Gen:Variant.Fragtor.926636`
Varist	`W32/Agent.KZW.gen!Eldorado`
huorong	`HVM:TrojanDownloader/Phorpiex.a`

8d7252df516b2151ac14…

Erkannt: 30/76 (39.5%) – MalwareX-gen [Rat]

Erkennende Engines (30):

Engine	Name
\| APEX	`Malicious`
AVG	`MalwareX-gen [Rat]`
Antiy-AVL	`Trojan[Spy]/Win32.Agent.foqx`
Avast	`MalwareX-gen [Rat]`
Bkav	`W64.AIDetectMalware`
CTX	`exe.trojan.generic`
ClamAV	`Win.Packed.Generic-9805849-0`
CrowdStrike	`win/malicious_confidence_90% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`a variant of Win64/GameHack_AGen.ZP potentially unsafe`
Elastic	`malicious (high confidence)`
GData	`Win64.Trojan.Agent.LZRT0B`
Google	`Detected`
Gridinsoft	`Malware.Win64.Gen.tr`
Ikarus	`Trojan.Win64.Krypt`
Kaspersky	`UDS:Backdoor.MSIL.Orcus`
Lionic	`Trojan.Win32.Generic.4!c`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`ti!8D7252DF516B`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Rising	`Backdoor.Orcus!1.BABC (CLASSIC)`
Sangfor	`Trojan.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Skyhigh	`Artemis`
Symantec	`ML.Attribute.HighConfidence`
TrellixENS	`Artemis!41939B8B58A2`
alibabacloud	`Trojan:Win/ClipBanker.DV`
huorong	`Trojan/Agent.cfs`

4a89dceadd396eae52f7…

Erkannt: 26/75 (34.7%) – Gen:Variant.Trojan.Linux.Gafgyt.8

Erkennende Engines (26):

Engine	Name
\| AVG	`ELF:Mirai-BOH [Trj]`
AhnLab-V3	`Linux/Mirai.Gen15`
Arcabit	`Trojan.Trojan.Linux.Gafgyt.8`
Avast	`ELF:Mirai-BOH [Trj]`
Avast-Mobile	`ELF:Mirai-FY [Trj]`
Avira	`LINUX/Mirai.bonb`
BitDefender 🛡️	`Gen:Variant.Trojan.Linux.Gafgyt.8`
CTX	`elf.trojan.gafgyt`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9788`
ESET-NOD32	`Linux/Mirai.WJ trojan`
Emsisoft	`Gen:Variant.Trojan.Linux.Gafgyt.8 (B)`
F-Secure	`Malware.LINUX/Mirai.bonb`
Fortinet	`Linux/Mirai.REAL!tr`
GData	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Google	`Detected`
Gridinsoft	`Susp.U.XOREncoded.sd!yf`
Ikarus	`LINUX.AVF.Bot`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.b`
McAfeeD	`Trojan:Linux/GenericY.HO`
MicroWorld-eScan	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Sangfor	`Suspicious.Linux.Save.a`
Tencent	`Backdoor.Linux.Mirai.waw`
TrendMicro-HouseCall	`Backdoor.Linux.MIRAI.SMLBO20`
VIPRE	`Gen:Variant.Trojan.Linux.Gafgyt.8`
huorong	`Trojan/Linux.Mirai.g`

c8691b37123987750892…

Erkannt: 33/75 (44.0%) – Gen:Variant.Cerbu.254289

Erkennende Engines (33):

Engine	Name
\| APEX	`Malicious`
AVG	`MalwareX-gen [Misc]`
AhnLab-V3	`Trojan/Win.Phorpiex.R693380`
Arcabit	`Trojan.Cerbu.D3E151`
Avast	`MalwareX-gen [Misc]`
Avira	`HEUR/Malware`
BitDefender 🛡️	`Gen:Variant.Cerbu.254289`
Bkav	`W32.AIDetectMalware`
CTX	`exe.unknown.cerbu`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.Siggen32.31362`
ESET-NOD32	`Win32/Phorpiex_AGen.BG worm`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Cerbu.254289 (B)`
F-Secure	`Heuristic.HEUR/Malware`
GData	`Gen:Variant.Cerbu.254289`
Google	`Detected`
Kaspersky	`HEUR:Trojan-Downloader.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Downloader.Agent.gen`
McAfeeD	`ti!C8691B371239`
MicroWorld-eScan	`Gen:Variant.Cerbu.254289`
Microsoft 🛡️	`Trojan:Win32/Phorpiex.APX!MTB`
Rising	`Worm.Phorpiex!1.DF9C (CLASSIC)`
SentinelOne	`Static AI - Suspicious PE`
Symantec	`ML.Attribute.HighConfidence`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.TrojanDownloader.Agent`
VIPRE	`Gen:Variant.Cerbu.254289`
Varist	`W32/Mint.B.gen!Eldorado`
huorong	`TrojanDownloader/Agent.bms`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 16:57 \| [4054e6f4b770…](https://bazaar.abuse.ch/sample/4054e6f4b770317d3c847281ce6ea8b19c2fe7efeb4cfd26105eb994cbfa9c4c/)	`exe`
\| 16:56 \| [c1d06468a2f0…](https://bazaar.abuse.ch/sample/c1d06468a2f089b4f6efbd51f4a140be40283e2efc76d25712e63471bca9f235/)	`exe`
\| 16:54 \| [02f1f39c71e4…](https://bazaar.abuse.ch/sample/02f1f39c71e42de51997b8a2f1495d8ff9862a42cb77ce3d4cbcd035fff95d92/)	`exe`
\| 16:53 \| [458daeb4f9f5…](https://bazaar.abuse.ch/sample/458daeb4f9f52b39fbd46a1a613dce771d2acb77221904e1b567e1b23264e1f9/)	`unknown`
\| 16:52 \| [7ba205886073…](https://bazaar.abuse.ch/sample/7ba205886073ee06a8fd711812ba7e655657a16ef7e6363100aa89428f270cc5/)	`exe`

MITRE ATT&CK Taktiken

Mirai: 12 Samples
LummaStealer: 2 Samples
Fragtor: 1 Samples
AgentTesla: 1 Samples
Grandoreiro: 1 Samples
AsyncRAT: 1 Samples
Phorpiex: 1 Samples
SyncroRMM: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 02.04.2026 13:22 UTC – 41 neue Samples – 10 kritisch – unbekannt

Thu, 02 Apr 2026 13:22:00 +0000

Stand: 02.04.2026 13:22 UTC

Neue Samples dieser Session: 41

Risiko-Verteilung

🔴 Kritisch: 10
🟠 Hoch: 4
🟡 Mittel: 14
🟢 Niedrig: 14

Höchster Score: 88.7/100 (574d5ae7f5c7fd8f…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

2bedd77cc5402b2a151a…

Erkannt: 0/75 (0.0%) – –

9a5af44af5dcf614cecb…

Erkannt: 0/75 (0.0%) – –

7d9b565d51db33717821…

Erkannt: 42/75 (56.0%) – Gen:Variant.Application.FCA.3178

Erkennende Engines (42):

Engine	Name
\| APEX	`Malicious`
AhnLab-V3	`Backdoor/Win32.QuasarRAT.R341693`
Antiy-AVL	`Trojan/MSIL.Quasar`
Arcabit	`Trojan.Application.FCA.DC6A`
Avira	`HEUR/AGEN.1365341`
Bkav	`W32.AIDetectMalware.CS`
CAT-QuickHeal	`Trojan.Generic.TRFH927`
ClamAV	`Win.Malware.Generic-9883083-0`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
ESET-NOD32	`MSIL/Agent.CLQ trojan`
Elastic	`Windows.Generic.Threat`
Emsisoft	`Trojan.Agent (A)`
F-Secure	`Heuristic.HEUR/AGEN.1365341`
Fortinet	`MSIL/Agent.BPH!tr`
GData	`MSIL.Backdoor.Quasar.A`
Gridinsoft	`Spy.Win32.Keylogger.dd!n`
Ikarus	`Trojan-Spy.Agent`
Jiangmin	`Trojan.MSIL.aogzw`
K7AntiVirus	`Trojan ( 005b1c021 )`
K7GW	`Trojan ( 005690671 )`
Kingsoft	`malware.kb.c.959`
Malwarebytes	`Generic.Trojan.MSIL.DDS`
MaxSecure	`Trojan.Malware.325358113.susgen`
McAfeeD	`ti!7D9B565D51DB`
MicroWorld-eScan	`Gen:Variant.Application.FCA.3178`
Microsoft 🛡️	`Backdoor:MSIL/Quasar!atmn`
NANO-Antivirus	`Trojan.Win32.Quasar.lelzaq`
Rising	`Backdoor.Quasar!1.E5F1 (CLASSIC)`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Troj/Quasar-AF`
TACHYON	`Backdoor/W32.DN-Quasar.3266048.F`
Tencent	`Trojan.MSIL.Quasar.ka`
TrendMicro	`Backdoor.MSIL.QUASAR.SMTPTPI`
TrendMicro-HouseCall	`Backdoor.MSIL.QUASAR.SMTPTPI`
VIPRE	`Gen:Variant.Application.FCA.3178`
Varist	`W32/MSIL_Troj.BTX.gen!Eldorado`
VirIT	`Trojan.Win32.MSIL_Heur.B`
Webroot	`W32.Trojan.Quasar`
Yandex	`Trojan.Agent!/rztUTa1Nrs`
ZoneAlarm	`Troj/Quasar-AF`
huorong	`Trojan/MSIL.Obfuscated.g!crit`

37c5b6a429b149fa9542…

Erkannt: 23/75 (30.7%) – Win64:Evo-gen [Trj]

Erkennende Engines (23):

Engine	Name
\| AVG	`Win64:Evo-gen [Trj]`
AhnLab-V3	`Malware/Win.Generic.C5829852`
Avast	`Win64:Evo-gen [Trj]`
CTX	`exe.trojan.generic`
DeepInstinct	`MALICIOUS`
Fortinet	`W32/PossibleThreat`
Google	`Detected`
Gridinsoft	`Trojan.Win64.Downloader.oa!s1`
Kaspersky	`Trojan-Downloader.Win32.Paph.phy`
Malwarebytes	`RiskWare.PowerShell`
MaxSecure	`Trojan.Malware.328790041.susgen`
McAfeeD	`ti!37C5B6A429B1`
Paloalto	`generic.ml`
Rising	`Downloader.Paph!8.58D0 (LESS:bWQ1OmbFHfER7LS7ZL0Asopb6OE)`
Skyhigh	`Artemis`
Sophos	`Mal/Generic-S`
Symantec	`Trojan.Gen.MBT`
Tencent	`Win32.Trojan-Downloader.Paph.Fdhl`
Trapmine	`suspicious.low.ml.score`
Varist	`W64/ABDownloader.QOIO-0572`
Zillya	`Trojan.Inject.Win32.356892`
alibabacloud	`Trojan[downloader]:Win/Paph.pqk`
huorong	`Trojan/JS.Obfuscated.ej`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 12:51 \| [eaf789000af1…](https://bazaar.abuse.ch/sample/eaf789000af11f99a7ce38d5532de054e0812b828cf079859550be8abd710af8/)	`exe`
\| 12:49 \| [2bedd77cc540…](https://bazaar.abuse.ch/sample/2bedd77cc5402b2a151ae4f4d9743dbdd12d6368ac16dcf86678bd185315957e/)	`bat`
\| 12:48 \| [9a5af44af5dc…](https://bazaar.abuse.ch/sample/9a5af44af5dcf614cecb9d6a14f1412e6e59355b980dd1c28325aa3c31de24a1/)	`bat`
\| 12:47 \| [5e2bc42694b4…](https://bazaar.abuse.ch/sample/5e2bc42694b4eddb372a8370937a19cd71db11c8275a0a12ade339f2862fac55/)	`elf`
\| 12:43 \| [50190feceb5d…](https://bazaar.abuse.ch/sample/50190feceb5d7db701e0f0b312a2c81b7b2455c06471b16412e1d508867aa562/)	`msi`

MITRE ATT&CK Taktiken

Mirai: 2 Samples
SpyNote: 1 Samples
RustyStealer: 1 Samples
Vi: 1 Samples
QuasarRAT: 1 Samples
LummaStealer: 1 Samples
ConnectWise: 1 Samples
SalatStealer: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 02.04.2026 10:55 UTC – 58 neue Samples – 37 kritisch – Mirai

Thu, 02 Apr 2026 10:55:00 +0000

Stand: 02.04.2026 10:55 UTC

Neue Samples dieser Session: 58

Risiko-Verteilung

🔴 Kritisch: 37
🟠 Hoch: 2
🟡 Mittel: 12
🟢 Niedrig: 8

Höchster Score: 89.7/100 (f36d7b6412cf3015…)

Häufigste Familie: Mirai

Häufigster Typ: ?

VirusTotal-Ergebnisse

4207fdf4706061794545…

Erkannt: 29/75 (38.7%) – Lnx/Mirai-FEBO!DBF42C622EFE

Erkennende Engines (29):

Engine	Name
\| AVG	`ELF:Agent-AYQ [Trj]`
Antiy-AVL	`Trojan[Backdoor]/Linux.Gafgyt`
Avast	`ELF:Agent-AYQ [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`LINUX/Mirai.bonb`
ClamAV	`Unix.Trojan.Mirai-6981989-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9770`
ESET-NOD32	`Linux/Mirai.L trojan`
Elastic	`Linux.Trojan.Gafgyt`
F-Secure	`Malware.LINUX/Mirai.bonb`
Fortinet	`ELF/Mirai.A!tr`
Google	`Detected`
Gridinsoft	`Susp.U.XOREncoded.sd!yf`
Ikarus	`Trojan.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Gafgyt.a`
Kingsoft	`Linux.Backdoor.elf.2025102`
Lionic	`Trojan.ELF.Mirai.4!c`
MaxSecure	`Trojan.Malware.121218.susgen`
Microsoft 🛡️	`Backdoor:Linux/Mirai.AY!MTB`
Rising	`Backdoor.Mirai/Linux!1.DAAB (CLASSIC)`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Lnx/Mirai-FEBO!DBF42C622EFE`
Sophos	`Mal/Generic-S`
Symantec	`Linux.Mirai!g2`
Tencent	`Backdoor.Linux.Mirai.wz`
TrellixENS	`Lnx/Mirai-FEBO!DBF42C622EFE`
Varist	`E32/Mirai.EK.gen!Camelot`
huorong	`Trojan/Linux.Mirai.i`

483ca942ed5a4c55ea81…

Erkannt: 28/75 (37.3%) – Lnx/Mirai-FEBO!D11C8A0C0764

Erkennende Engines (28):

Engine	Name
\| AVG	`ELF:Agent-AYQ [Trj]`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast	`ELF:Agent-AYQ [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`LINUX/Mirai.bonb`
ClamAV	`Unix.Trojan.Mirai-7100807-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9770`
ESET-NOD32	`Linux/Mirai.L trojan`
Elastic	`Linux.Trojan.Gafgyt`
F-Secure	`Malware.LINUX/Mirai.bonb`
Fortinet	`ELF/Mirai.A!tr`
Google	`Detected`
Gridinsoft	`Susp.U.XOREncoded.sd!yf`
Ikarus	`Trojan.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Gafgyt.a`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/Mirai.EBJ`
Microsoft 🛡️	`Backdoor:Linux/Mirai.AY!MTB`
Rising	`Backdoor.Mirai/Linux!1.DAAB (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Lnx/Mirai-FEBO!D11C8A0C0764`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.wz`
TrellixENS	`Lnx/Mirai-FEBO!D11C8A0C0764`
Varist	`E32/Mirai.G.gen!Camelot`
huorong	`Trojan/Linux.Mirai.m`

645d2fc37a391a513e4f…

Erkannt: 29/75 (38.7%) – Backdoor.Linux.BASHLITE.SMJC11

Erkennende Engines (29):

Engine	Name
\| AVG	`ELF:Agent-AYQ [Trj]`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Avast	`ELF:Agent-AYQ [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`LINUX/Mirai.bonb`
ClamAV	`Unix.Trojan.Mirai-7100807-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9770`
Elastic	`Linux.Trojan.Gafgyt`
F-Secure	`Malware.LINUX/Mirai.bonb`
Fortinet	`ELF/Mirai.A!tr`
Google	`Detected`
Gridinsoft	`Susp.U.XOREncoded.sd!yf`
Ikarus	`Trojan.Linux.Mirai`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.r`
Lionic	`Trojan.ELF.Mirai.4!c`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/Mirai.EKD`
Microsoft 🛡️	`Backdoor:Linux/Mirai.AY!MTB`
Rising	`Backdoor.Mirai/Linux!1.DAAB (CLASSIC)`
Sangfor	`Suspicious.Linux.Save.a`
SentinelOne	`Static AI - Malicious ELF`
Sophos	`Mal/Generic-S`
Symantec	`Linux.Mirai!g2`
Tencent	`Backdoor.Linux.Mirai.wz`
TrendMicro	`Backdoor.Linux.BASHLITE.SMJC11`
TrendMicro-HouseCall	`Backdoor.Linux.BASHLITE.SMJC11`
alibabacloud	`DDoS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.i`

666e31dee445064bdba8…

Erkannt: 41/75 (54.7%) – Gen:Variant.Adware.Lazy.2862

Erkennende Engines (41):

Engine	Name
\| APEX	`Malicious`
AVG	`Win64:MalwareX-gen [Misc]`
Arcabit	`Trojan.Adware.Lazy.DB2E`
Avast	`Win64:MalwareX-gen [Misc]`
Avira	`TR/Redcap.sscnn`
BitDefender 🛡️	`Gen:Variant.Adware.Lazy.2862`
Bkav	`W64.AIDetectMalware`
CTX	`exe.trojan.lazy`
ClamAV	`Win.Tool.Tedy-9970346-0`
CrowdStrike	`win/malicious_confidence_70% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 100)`
DeepInstinct	`MALICIOUS`
DrWeb	`Tool.VulnDriver.6`
ESET-NOD32	`Win64/GenKryptik_AGen.AZE trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Adware.Lazy.2862 (B)`
GData	`Gen:Variant.Adware.Lazy.2862`
Google	`Detected`
Gridinsoft	`Trojan.Win64.Agent.sa`
Ikarus	`Trojan-Downloader.Win64.Agent`
Kaspersky	`Trojan-PSW.Win32.Stealer.dfmi`
Kingsoft	`Win32.TrojDownloader.small.v`
Lionic	`Trojan.Win32.Generic.4!c`
Malwarebytes	`Malware.AI.2343381885`
McAfeeD	`Trojan:Win/Vulndriver.EAG`
MicroWorld-eScan	`Gen:Variant.Adware.Lazy.2862`
Microsoft 🛡️	`Trojan:Win32/Sabsik.FL.A!ml`
Paloalto	`generic.ml`
Rising	`Trojan.Kryptik!8.8 (CLOUD)`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win64.Kryptik.16002199`
TrellixENS	`Artemis!D9E5531BED49`
TrendMicro-HouseCall	`TROJ_GEN.R002H09D226`
VIPRE	`Gen:Variant.Adware.Lazy.2862`
Varist	`W64/ABAdware.XZVF-3186`
ViRobot	`PUP.Lazy.6225408`
alibabacloud	`Trojan:Win/DelFiles.NGW`
huorong	`Trojan/Agent.cev`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 10:52 \| [dc451dc92ca8…](https://bazaar.abuse.ch/sample/dc451dc92ca8c94781031a73a04ff4da5081de8b8e8a5aeb19ac0712d37435d8/)	`exe`
\| 10:52 \| [a8e8d4768f4c…](https://bazaar.abuse.ch/sample/a8e8d4768f4c1a93922bca30e84501538f0fc4666fc1fe7db9cdd1d591781e17/)	`exe`
\| 10:52 \| [1e371ac1c69d…](https://bazaar.abuse.ch/sample/1e371ac1c69da56b193dd34c2eef06e64279be9d31ee517890f3898a46815c44/)	`exe`
\| 10:51 \| [cc97f068f53b…](https://bazaar.abuse.ch/sample/cc97f068f53b20a3072d5c63553609d02916716fcc9f4f333a173a5a3c0aa830/)	`js`
\| 10:51 \| [5c85ca85909b…](https://bazaar.abuse.ch/sample/5c85ca85909b218bf904054f8341faceb6b9058946d128bcf99e3eddc74e9af3/)	`unknown`

MITRE ATT&CK Taktiken

Mirai: 30 Samples
Vidar: 2 Samples
CryptOne: 1 Samples
QuasarRAT: 1 Samples
Adware: 1 Samples
RemcosRAT: 1 Samples
AsyncRAT: 1 Samples
SalatStealer: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 02.04.2026 09:03 UTC – 12 neue Samples – 6 kritisch – unbekannt

Thu, 02 Apr 2026 09:03:00 +0000

Stand: 02.04.2026 09:03 UTC

Neue Samples dieser Session: 12

Risiko-Verteilung

🔴 Kritisch: 6
🟠 Hoch: 2
🟡 Mittel: 4
🟢 Niedrig: 1

Höchster Score: 88.7/100 (67f8d4097eb2a529…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

fd8144fa9fadab3ce862…

Erkannt: 24/75 (32.0%) – MalwareX-gen [Trj]

Erkennende Engines (24):

Engine	Name
\| APEX	`Malicious`
AVG	`MalwareX-gen [Trj]`
Avast	`MalwareX-gen [Trj]`
Bkav	`W32.AIDetectMalware.CS`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
Elastic	`malicious (moderate confidence)`
Fortinet	`MSIL/GenKryptik.GHWJ!tr`
Google	`Detected`
Kaspersky	`HEUR:Trojan.Win32.Generic`
Kingsoft	`malware.kb.c.872`
Malwarebytes	`MachineLearning/Anomalous.97%`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`Real Protect-LS!CDBE50FEC9D9`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Paloalto	`generic.ml`
Rising	`Malware.Obfus/MSIL@AI.94 (RDM.MSIL2:v5wQVgaGCUcXIE2TMIR2LQ)`
Sangfor	`Virus.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Troj/Krypt-AQM`
Symantec	`Scr.Malcode!gdn34`
VirIT	`Trojan.Win32.MSIL_Heur.A`
ZoneAlarm	`Troj/Krypt-AQM`

fb6d4ce94013385b31b3…

Erkannt: 19/75 (25.3%) – Troj/Krypt-AQM

Erkennende Engines (19):

Engine	Name
\| APEX	`Malicious`
Bkav	`W32.AIDetectMalware.CS`
CrowdStrike	`win/malicious_confidence_100% (D)`
Cylance	`Unsafe`
Elastic	`malicious (high confidence)`
Fortinet	`MSIL/GenKryptik.GHWJ!tr`
Google	`Detected`
Kingsoft	`malware.kb.c.895`
Malwarebytes	`Generic.Malware/Suspicious`
McAfeeD	`Real Protect-LS!FEB1AF2E50B5`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
Rising	`Malware.Obfus/MSIL@AI.96 (RDM.MSIL2:lt/eQee3hXn7VqDfsUgQ7w)`
Sangfor	`Virus.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Troj/Krypt-AQM`
Symantec	`Scr.Malcode!gdn34`
Trapmine	`malicious.moderate.ml.score`
VirIT	`Trojan.Win32.MSIL_Heur.A`
ZoneAlarm	`Troj/Krypt-AQM`

37b5b05b16bd471e6395…

Erkannt: 35/75 (46.7%) – Gen:Variant.Adware.MSILHeracles.1580

Erkennende Engines (35):

Engine	Name
\| APEX	`Malicious`
AVG	`Win32:MalwareX-gen [Trj]`
AhnLab-V3	`Adware/Win.Cerbu.C5845409`
Arcabit	`Trojan.Adware.MSILHeracles.D62C`
Avast	`Win32:MalwareX-gen [Trj]`
BitDefender 🛡️	`Gen:Variant.Adware.MSILHeracles.1580`
Bkav	`W32.AIDetectMalware.CS`
CTX	`exe.adware.msilheracles`
CrowdStrike	`win/malicious_confidence_90% (D)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
DrWeb	`Trojan.DownLoader49.34723`
ESET-NOD32	`MSIL/Agent.FQI trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Adware.MSILHeracles.1580 (B)`
GData	`Gen:Variant.Adware.MSILHeracles.1580`
Google	`Detected`
Ikarus	`Trojan-Spy.StormKitty`
K7AntiVirus	`Trojan ( 700000201 )`
K7GW	`Trojan ( 700000201 )`
Kaspersky	`HEUR:Trojan.MSIL.Agent.gen`
Malwarebytes	`Malware.AI.1244517934`
MaxSecure	`Trojan.Malware.300983.susgen`
McAfeeD	`Real Protect-LS!630AF585AE19`
MicroWorld-eScan	`Gen:Variant.Adware.MSILHeracles.1580`
Microsoft 🛡️	`Trojan:MSIL/AsyncRAT!atmn`
Sangfor	`Virus.Win32.Save.a`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Troj/MSIL-TKP`
Symantec	`ML.Attribute.HighConfidence`
Trapmine	`suspicious.low.ml.score`
VIPRE	`Gen:Variant.Adware.MSILHeracles.1580`
VirIT	`Trojan.Win32.MSIL_Heur.A`
ZoneAlarm	`Troj/MSIL-TKP`
huorong	`Backdoor/MSIL.DcRat.a`

9a935b4b167cbf82cc4d…

Erkannt: 17/75 (22.7%) – Gen:Variant.Tedy.926427

Erkennende Engines (17):

Engine	Name
\| APEX	`Malicious`
AhnLab-V3	`Trojan/Win.Generic.C5863880`
Arcabit	`Trojan.Tedy.DE22DB`
Bkav	`W64.AIDetectMalware`
CTX	`exe.unknown.tedy`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`Win64/TrojanDownloader.Agent.CWA trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Gen:Variant.Tedy.926427 (B)`
GData	`Gen:Variant.Tedy.926427`
McAfeeD	`ti!9A935B4B167C`
MicroWorld-eScan	`Gen:Variant.Tedy.926427`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
SentinelOne	`Static AI - Suspicious PE`
VirIT	`Trojan.Win64.Agent.JJM`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 08:56 \| [70124c2df46e…](https://bazaar.abuse.ch/sample/70124c2df46ebe1e32a860462c8fe7b31eed825c66180f5abd8abe841b4059ee/)	`jar`
\| 08:56 \| [fd8144fa9fad…](https://bazaar.abuse.ch/sample/fd8144fa9fadab3ce862d6e42da69e1f81e98906fe097ec884cc1ae9a73a5fd5/)	`exe`
\| 08:53 \| [fb6d4ce94013…](https://bazaar.abuse.ch/sample/fb6d4ce94013385b31b30ec1ab8f1a6b2c34252a13062f880eae47b2b5cfc4e7/)	`exe`
\| 08:48 \| [33e0e57bf006…](https://bazaar.abuse.ch/sample/33e0e57bf00686dee10f561befa34d584dbcdf9877534c8e206ce1cb132d3d34/)	`jar`
\| 08:37 \| [81f2b17e9a5f…](https://bazaar.abuse.ch/sample/81f2b17e9a5ff6aeaa3fdee584c3b60698c2b9960c8b06a33bb50569f05745ab/)	`exe`

MITRE ATT&CK Taktiken

STRRAT: 1 Samples
Adware: 1 Samples
QuasarRAT: 1 Samples
Tedy: 1 Samples
SalatStealer: 1 Samples
RAT: 5 Samples
Infostealer: 1 Samples
Loader: 1 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)

MalwareBazaar – 02.04.2026 07:19 UTC – 17 neue Samples – 6 kritisch – unbekannt

Thu, 02 Apr 2026 07:19:00 +0000

Stand: 02.04.2026 07:19 UTC

Neue Samples dieser Session: 17

Risiko-Verteilung

🔴 Kritisch: 6
🟠 Hoch: 3
🟡 Mittel: 8
🟢 Niedrig: 1

Höchster Score: 89.4/100 (d91f2a957889f74f…)

Häufigste Familie: unbekannt

Häufigster Typ: ?

VirusTotal-Ergebnisse

d767060b7b8f808367f3…

Erkannt: 36/75 (48.0%) – Gen:Variant.Trojan.Linux.Gafgyt.8

Erkennende Engines (36):

Engine	Name
\| AVG	`ELF:Mirai-CXE [Trj]`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Trojan.Linux.Gafgyt.8`
Avast	`ELF:Mirai-CXE [Trj]`
Avast-Mobile	`ELF:Mirai-UM [Trj]`
Avira	`EXP/ELF.Mirai.Hua.c`
BitDefender 🛡️	`Gen:Variant.Trojan.Linux.Gafgyt.8`
CTX	`elf.trojan.gafgyt`
ClamAV	`Unix.Dropper.Mirai-7355719-0`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9829`
ESET-NOD32	`Linux/Mirai.ESM trojan`
Elastic	`Linux.Generic.Threat`
Emsisoft	`Gen:Variant.Trojan.Linux.Gafgyt.8 (B)`
F-Secure	`Exploit.EXP/ELF.Mirai.Hua.c`
Fortinet	`ELF/Mirai.CXJ!tr`
GData	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Google	`Detected`
Ikarus	`Linux.Bot`
Kaspersky	`HEUR:Exploit.Linux.CVE-2017-17215.a`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/Mirai.EPY`
MicroWorld-eScan	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Microsoft 🛡️	`Backdoor:Linux/Gafgyt.AW!xp`
Rising	`Backdoor.Mirai/Linux!1.11724 (CLASSIC)`
SentinelOne	`Static AI - Malicious ELF`
Skyhigh	`Mirai-IAR!3218973B9A6F`
Sophos	`Mal/Generic-S`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Gafydy.bij`
TrellixENS	`Mirai-IAR!3218973B9A6F`
TrendMicro	`Trojan.Linux.MIRAI.SMMR1`
TrendMicro-HouseCall	`Trojan.Linux.MIRAI.SMMR1`
VIPRE	`Gen:Variant.Trojan.Linux.Gafgyt.8`
Varist	`E32/Mirai.DJ.gen!Camelot`
huorong	`Trojan/Linux.Mirai.f`

49f04a1e271194e9c68e…

Erkannt: 38/75 (50.7%) – Trojan.Linux.Generic.401784

Erkennende Engines (38):

Engine	Name
\| AVG	`ELF:Gafgyt-KS [Trj]`
Antiy-AVL	`Trojan[Backdoor]/Linux.Mirai`
Arcabit	`Trojan.Linux.Generic.D62178`
Avast	`ELF:Gafgyt-KS [Trj]`
Avast-Mobile	`ELF:Gafgyt-KS [Trj]`
Avira	`EXP/ELF.Mirai.Z.A`
BitDefender 🛡️	`Trojan.Linux.Generic.401784`
CTX	`elf.trojan.generic`
Cynet	`Malicious (score: 99)`
DrWeb	`Linux.Mirai.9816`
ESET-NOD32	`Linux/Mirai.CVA trojan`
Elastic	`Linux.Trojan.Gafgyt`
Emsisoft	`Trojan.Linux.Generic.401784 (B)`
F-Secure	`Exploit.EXP/ELF.Mirai.Z.A`
Fortinet	`ELF/Mirai.CVA!tr`
GData	`Trojan.Linux.Generic.401784`
Google	`Detected`
Ikarus	`Linux.Bot`
Jiangmin	`Backdoor.Linux.jhtq`
Kaspersky	`HEUR:Backdoor.Linux.Mirai.cw`
Kingsoft	`Linux.Backdoor.Mirai.cw`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Linux/GenericY.BN`
MicroWorld-eScan	`Trojan.Linux.Generic.401784`
Microsoft 🛡️	`Backdoor:Linux/Mirai.E!xp`
Rising	`Backdoor.Mirai/Linux!1.1290D (CLASSIC)`
SentinelOne	`Static AI - Malicious ELF`
Sophos	`Linux/DDoS-CIA`
Symantec	`Linux.Mirai`
Tencent	`Backdoor.Linux.Mirai.wam`
TrendMicro	`Backdoor.Linux.BASHLITE.SMJC11`
TrendMicro-HouseCall	`Backdoor.Linux.BASHLITE.SMJC11`
VBA32	`Trojan.Linux.Mirai`
VIPRE	`Trojan.Linux.Generic.401784`
Varist	`E32/Mirai.AT.gen!Eldorado`
ZoneAlarm	`Linux/DDoS-CIA`
alibabacloud	`DDOS:Linux/Mirai`
huorong	`Trojan/Linux.Mirai.q!crit`

e3517161e4c12d2af77b…

Erkannt: 33/75 (44.0%) – Trojan.GenericKD.79827089

Erkennende Engines (33):

Engine	Name
\| AVG	`MalwareX-gen [Trj]`
AhnLab-V3	`Trojan/Win.Injector.X2263`
Alibaba	`Trojan:Win64/Aotera.e8afd1c4`
Antiy-AVL	`Trojan/Win64.Aotera`
Arcabit	`Trojan.Generic.D4C21091`
Avast	`MalwareX-gen [Trj]`
BitDefender 🛡️	`Trojan.GenericKD.79827089`
Bkav	`W64.AIDetectMalware`
CTX	`dll.trojan.aotera`
CrowdStrike	`win/malicious_confidence_70% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DrWeb	`Trojan.Packed2.51151`
ESET-NOD32	`Win64/Aotera.FL trojan`
Elastic	`malicious (high confidence)`
Emsisoft	`Trojan.GenericKD.79827089 (B)`
Fortinet	`W64/Agent.ECKA!tr`
GData	`Win64.Trojan.Agent.ARHY6W`
Ikarus	`Trojan.Win64.Aotera`
Lionic	`Trojan.Win32.Generic.4!c`
Malwarebytes	`Malware.AI.3865059296`
McAfeeD	`ti!E3517161E4C1`
MicroWorld-eScan	`Trojan.GenericKD.79827089`
Microsoft 🛡️	`Trojan:Win64/Aotera.RVB!MTB`
Rising	`Trojan.Aotera!8.1D79F (CLOUD)`
Sangfor	`Trojan.Win32.Agent.Vjvk`
Sophos	`Mal/Generic-S`
Tencent	`Win32.Trojan.W64.Psmw`
TrellixENS	`Artemis!8875F1D80A37`
TrendMicro-HouseCall	`TROJ_GEN.F0D1C00D126`
Varist	`W64/Agent.KZG.gen!Eldorado`
ZoneAlarm	`Mal/Generic-L`
alibabacloud	`Trojan:Win/Aotera.FG`

0dfed1b9b09e103d363e…

Erkannt: 19/75 (25.3%) – W32.AIDetectMalware

Erkennende Engines (19):

Engine	Name
\| APEX	`Malicious`
AhnLab-V3	`Dropper/Win.MalwareX-gen.C5855203`
Bkav	`W32.AIDetectMalware`
CrowdStrike	`win/malicious_confidence_90% (D)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
ESET-NOD32	`WinGo/TrojanDropper.Agent.EK trojan`
Elastic	`malicious (high confidence)`
Google	`Detected`
Ikarus	`Trojan.Win32.Krypt`
Kaspersky	`VHO:Trojan-PSW.Win32.Lumma.gen`
McAfeeD	`ti!0DFED1B9B09E`
Microsoft 🛡️	`Trojan:Win32/Wacatac.B!ml`
SentinelOne	`Static AI - Suspicious PE`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Win32.Trojan.W32.Cdhl`
Trapmine	`malicious.moderate.ml.score`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
huorong	`TrojanSpy/LummaStealer.fj`

750e5ac3bb33d7ad4f96…

Erkannt: 47/75 (62.7%) – Trojan.GenericKDZ.116601

Erkennende Engines (52):

Engine	Name
\| AhnLab-V3	`Trojan/Win.Generic.R727379`
Alibaba	`TrojanBanker:Win32/SalatStealer.1f71e228`
Antiy-AVL	`Trojan/Win32.SalatStealer`
Arcabit	`Trojan.Generic.D1C779`
Avira	`TR/AVI.SalatStealer.uirse`
BitDefender 🛡️	`Trojan.GenericKDZ.116601`
Bkav	`W32.AIDetectMalware`
CAT-QuickHeal	`Trojan.Agent`
CTX	`exe.trojan.salatstealer`
ClamAV	`Win.Malware.Salat-10058846-0`
CrowdStrike	`win/malicious_confidence_100% (W)`
Cylance	`Unsafe`
Cynet	`Malicious (score: 99)`
DeepInstinct	`MALICIOUS`
ESET-NOD32	`WinGo/Agent.VO trojan`
Elastic	`Multi.Generic.Threat`
Emsisoft	`Trojan.GenericKDZ.116601 (B)`
F-Secure	`Trojan.TR/AVI.SalatStealer.uirse`
Fortinet	`W32/Agent.VO!tr`
GData	`Trojan.GenericKDZ.116601`
Google	`Detected`
Gridinsoft	`Trojan.Win32.Agent.sa`
Ikarus	`Trojan.WinGo.Agent`
K7AntiVirus	`Spyware ( 006d58511 )`
K7GW	`Spyware ( 006d58511 )`
Kaspersky	`UDS:Trojan-Banker.Win32.Agent.gen`
Kingsoft	`Win32.Trojan-Banker.Agent.gen`
Lionic	`Trojan.Win32.SalatStealer.7!c`
Malwarebytes	`Malware.AI.1485447620`
MaxSecure	`Trojan.Malware.121218.susgen`
McAfeeD	`Trojan:Win/Salat.EAC`
MicroWorld-eScan	`Trojan.GenericKDZ.116601`
Microsoft 🛡️	`Trojan:Win32/SalatStealer.SMX!MTB`
Paloalto	`generic.ml`
Panda	`Trj/CI.A`
Rising	`Stealer.Salat!1.13A22 (CLASSIC)`
Sangfor	`Infostealer.Win32.Salatstealer.Vkzr`
SentinelOne	`Static AI - Malicious PE`
Sophos	`Mal/Generic-S`
Symantec	`ML.Attribute.HighConfidence`
Tencent	`Trojan.Win32.Stealer.16001830`
TrendMicro-HouseCall	`Trojan.Win32.VSX.PE04C9z`
VBA32	`BScope.Trojan.Win64.Agent`
VIPRE	`Trojan.GenericKDZ.116601`
Varist	`W32/Agent.LNT.gen!Eldorado`
alibabacloud	`Trojan:Multi/Rozena.SS`
huorong	`Trojan/Agent.e!crit`
\| 07:01 \| [7110645f8732…](https://bazaar.abuse.ch/sample/7110645f873201e28271b9e28ac11d5f4e826bee1be26c59062a3ebe0dce6731/)	`xapk`
\| 06:42 \| [3d83173d1a4c…](https://bazaar.abuse.ch/sample/3d83173d1a4cd927066a324926b4f5001f2e98825c480de180b6f9eb492cacfe/)	`elf`
\| 06:42 \| [159c73d8e746…](https://bazaar.abuse.ch/sample/159c73d8e746064ba1187265ac47ac3bdd35642275c68a10d8fe45722652d336/)	`elf`
\| 06:42 \| [d767060b7b8f…](https://bazaar.abuse.ch/sample/d767060b7b8f808367f3f0eb2f5fdf59143c057a09f0fb8e5d9ca8414d061158/)	`elf`
\| 06:17 \| [49f04a1e2711…](https://bazaar.abuse.ch/sample/49f04a1e271194e9c68ed8251f5235ffc7dda72b902daa9d83a16a03285b9dfb/)	`elf`

MITRE ATT&CK Taktiken

Mirai: 4 Samples
LummaStealer: 2 Samples
SyncroRMM: 1 Samples
SalatStealer: 1 Samples
Trojaner: 2 Samples
Infostealer: 2 Samples
Loader: 1 Samples
Initial Access: 4 Samples

Sample-Hashes (Auszug)

→ Vollständiger Report (Markdown)