{
	"id": "b277eacb-aeed-4d55-89ae-4f77e95844a6",
	"created_at": "2026-04-06T00:15:26.648272Z",
	"updated_at": "2026-04-10T13:12:43.666255Z",
	"deleted_at": null,
	"sha1_hash": "a9849999165cd673d057728bc414f4d808a480cf",
	"title": "VirusTotal - File - 2a448324f84fca6b8149edb28050d5b5ece2194bcfa1db6ccaa6f014fe4a4b97",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 62017,
	"plain_text": "Popular threat label: trojan.generickdq/misc\r\nThreat categories: trojan\r\nFamily labels: generickdq misc\r\nSecurity vendors' analysis\r\nAliCloud RiskWare:Multi/Agent.IY\r\nALYac QD:Trojan.GenericKDQ.31CDDAECCE\r\nArcabit QD:Trojan.GenericQ.31CDDAECCE\r\nArctic Wolf Unsafe\r\nAvast Win64:MalwareX-gen [Misc]\r\nAVG Win64:MalwareX-gen [Misc]\r\nBitDefender QD:Trojan.GenericKDQ.31CDDAECCE\r\nBkav Pro W64.AIDetectMalware\r\nCTX Dll.trojan.generic\r\nDeepInstinct MALICIOUS\r\nElastic Malicious (moderate Confidence)\r\nEmsisoft QD:Trojan.GenericKDQ.31CDDAECCE (B)\r\neScan QD:Trojan.GenericKDQ.31CDDAECCE\r\nESET-NOD32 A Variant Of WinGo/PSW.Agent.IV\r\nFortinet W32/Agent.IV!tr.pws\r\nGData QD:Trojan.GenericKDQ.31CDDAECCE\r\nGoogle Detected\r\nIkarus Trojan.WinGo.Spy\r\nLionic Trojan.Win32.GenericKDQ.4!c\r\nMalwarebytes Malware.AI.2197756596\r\nMaxSecure Trojan.Malware.324995110.susgen\r\nMcAfee Scanner Ti!2A448324F84F\r\nMicrosoft Trojan:Win32/Wacatac.B!ml\r\nPalo Alto Networks Generic.ml\r\n
https://www.virustotal.com/gui/file/2a448324f84fca6b8149edb28050d5b5ece2194bcfa1db6ccaa6f014fe4a4b97\r\nPanda Trj/Chgt.AD\r\nQuickHeal Trojan.Ghanarava.17581454951a3046\r\nRising Stealer.Agent!8.C2 (CLOUD)\r\nSkyhigh (SWG) Artemis\r\nSophos Mal/Generic-S\r\nSymantec ML.Attribute.HighConfidence\r\nTencent Malware.Win32.Gencirc.149b3e3e\r\nTrellix ENS Artemis!1BDA3AE52D7A\r\nTrendMicro-HouseCall TROJ_GEN.R002H09H625\r\nVarist W64/ABTrojan.HZPA-4707\r\nVIPRE QD:Trojan.GenericKDQ.31CDDAECCE\r\nZillya Trojan.Agent.Win32.4316160\r\nAcronis (Static ML) Undetected\r\nAhnLab-V3 Undetected\r\nAlibaba Undetected\r\nAntiy-AVL Undetected\r\nAvira (no cloud) Undetected\r\nBaidu Undetected\r\nClamAV Undetected\r\nCMC Undetected\r\nCrowdStrike Falcon Undetected\r\nCynet Undetected\r\nDrWeb Undetected\r\nGridinsoft (no cloud) Undetected\r\nHuorong Undetected\r\nJiangmin Undetected\r\nK7AntiVirus Undetected\r\nK7GW Undetected\r\nKaspersky Undetected\r\nKingsoft Undetected\r\nNANO-Antivirus Undetected\r\nSangfor Engine Zero Undetected\r\nSecureAge Undetected\r\nSentinelOne (Static ML) Undetected\r\nSUPERAntiSpyware Undetected\r\nTACHYON Undetected\r\nTEHTRIS Undetected\r\nTrapmine Undetected\r\n
TrendMicro Undetected\r\nVBA32 Undetected\r\nVirIT Undetected\r\nViRobot Undetected\r\nWebroot Undetected\r\nWithSecure Undetected\r\nXcitium Undetected\r\nYandex Undetected\r\nZoneAlarm by Check Point Undetected\r\nZoner Undetected\r\nAvast-Mobile Unable to process file type\r\nBitDefenderFalx Unable to process file type\r\nSymantec Mobile Insight Unable to process file type\r\nTrustlook Unable to process file type",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.virustotal.com/gui/file/2a448324f84fca6b8149edb28050d5b5ece2194bcfa1db6ccaa6f014fe4a4b97"
	],
	"report_names": [
		"2a448324f84fca6b8149edb28050d5b5ece2194bcfa1db6ccaa6f014fe4a4b97"
	],
	"threat_actors": [
		{
			"id": "3fff98c9-ad02-401d-9d4b-f78b5b634f31",
			"created_at": "2023-01-06T13:46:38.376868Z",
			"updated_at": "2026-04-10T02:00:02.949077Z",
			"deleted_at": null,
			"main_name": "Cleaver",
			"aliases": [
				"G0003",
				"Operation Cleaver",
				"Op Cleaver",
				"Tarh Andishan",
				"Alibaba",
				"TG-2889",
				"Cobalt Gypsy"
			],
			"source_name": "MISPGALAXY:Cleaver",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434526,
	"ts_updated_at": 1775826763,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/a9849999165cd673d057728bc414f4d808a480cf.pdf",
		"text": "https://archive.orkl.eu/a9849999165cd673d057728bc414f4d808a480cf.txt",
		"img": "https://archive.orkl.eu/a9849999165cd673d057728bc414f4d808a480cf.jpg"
	}
}