{
	"id": "648f90a7-4818-44aa-a0b0-5557fb5bd613",
	"created_at": "2026-04-06T00:18:42.23857Z",
	"updated_at": "2026-04-10T03:32:46.028218Z",
	"deleted_at": null,
	"sha1_hash": "e9ed8db5b8b9f8f4377af7d221ecc00c23935c18",
	"title": "VirusTotal - File - 38f9ce7243c7851d67b24eb53b16177147f38dfffe201c5bedefe260d22ac908",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 64090,
	"plain_text": "SUMMARY DETECTION DETAILS RELATIONS BEHAVIOR COMMUNITY 3\r\nJoin our Community and enjoy additional community insights and crowdsourced detections, plus an\r\nAPI key to automate checks.\r\nPopular\r\nthreat label\r\ntrojan.mint/zard Threat categories trojan Family labels mint zard floo\r\nAhnLab-V3 Trojan/Win32.Backdoor.R120787\r\nAlibaba Trojan:Win32/BScope.a2f56628\r\nAliCloud Trojan:Win/Mint.Zard\r\nALYac Backdoor.Agent.196096\r\nArcabit Trojan.Mint.Zard.30\r\nArctic Wolf Unsafe\r\nAvast Win32:Flooder-IG [Trj]\r\nAVG Win32:Flooder-IG [Trj]\r\nBitDefender Gen:Heur.Mint.Zard.30\r\nBkav Pro W32.AIDetectMalware\r\nCrowdStrike Falcon Win/malicious_confidence_100% (W)\r\nCTX Exe.trojan.generic\r\nCynet Malicious (score: 100)\r\nDeepInstinct MALICIOUS\r\nDrWeb Trojan.Siggen6.5331\r\nElastic Malicious (moderate Confidence)\r\nEmsisoft Gen:Heur.Mint.Zard.30 (B)\r\neScan Gen:Heur.Mint.Zard.30\r\nESET-NOD32 Win32/Agent.RGH Trojan\r\nGData Gen:Heur.Mint.Zard.30\r\nGoogle Detected\r\nGridinsoft (no cloud) Trojan.Win32.Wacatac.oa!s1\r\nJiangmin Trojan/Generic.bfiwj\r\nK7AntiVirus Trojan ( 004bcce41 )\r\nK7GW Trojan ( 004bcce41 )\r\nSecurity vendors' analysis Do you want to automate checks?\r\n38f9ce7243c7851d67b24eb53b16177147f38dfff Sign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/38f9ce7243c7851d67b24eb53b16177147f38dfffe201c5bedefe260d22ac908/detection\r\nPage 1 of 3\n\nKaspersky UDS:Trojan.Win32.Generic\r\nLionic Trojan.Win32.Generic.4!c\r\nMalwarebytes MachineLearning /Anomalous.100%\r\nMaxSecure Trojan.Malware.300983.susgen\r\nMcAfee Scanner Ti!38F9CE7243C7\r\nMicrosoft Trojan:Win32/Ymacco.AA38\r\nNANO-Antivirus Trojan.Win32.TrjGen.ctqwcr\r\nPalo Alto Networks Generic.ml\r\nPanda Trj/Genetic.gen\r\nQuickHeal Trojan.Ghanarava.164276373268f7c4\r\nRising Trojan.Skeeyah!8.3A6 (TFE:5:FK57Qh413GG)\r\nSangfor Engine Zero Trojan.Win32.Save.a\r\nSecureAge Malicious\r\nSentinelOne (Static ML) Static AI - Malicious PE\r\nSkyhigh (SWG) BehavesLike.Win32.NetLoader.cm\r\nSophos Mal/Generic-S\r\nSymantec ML.Attribute.HighConfidence\r\nTencent Malware.Win32.Gencirc.13b25837\r\nTrapmine Malicious.high.ml.score\r\nTrellix ENS Artemis!7BA2F5ED06F3\r\nTrendMicro-HouseCall Trojan.Win32.VSX.PE04C9z\r\nVarist W32/Threat-HLLAU-based!Maximus\r\nVBA32 Trojan.Wacatac\r\nVIPRE Gen:Heur.Mint.Zard.30\r\nVirIT Trojan.Win32.SHeur4.CJOR\r\nYandex Trojan.Siggen!eIUDZJH49rY\r\nZillya Trojan.Agent.Win32.2261251\r\nAcronis (Static ML) Undetected\r\nAntiy-AVL Undetected\r\nAvira (no cloud) Undetected\r\nBaidu Undetected\r\nClamAV Undetected\r\nCMC Undetected\r\nHuorong Undetected\r\nIkarus Undetected\r\nKingsoft Undetected\r\nSUPERAntiSpyware Undetected\r\nTACHYON Undetected\r\nSign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/38f9ce7243c7851d67b24eb53b16177147f38dfffe201c5bedefe260d22ac908/detection\r\nPage 2 of 3\n\nTEHTRIS Undetected\r\nTrendMicro Undetected\r\nViRobot Undetected\r\nWebroot Undetected\r\nWithSecure Undetected\r\nXcitium Undetected\r\nZoneAlarm by Check Point Undetected\r\nZoner Undetected\r\nAvast-Mobile Unable to process file type\r\nBitDefenderFalx Unable to process file type\r\nSymantec Mobile Insight Unable to process file type\r\nTrustlook Unable to process file type\r\nSign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/38f9ce7243c7851d67b24eb53b16177147f38dfffe201c5bedefe260d22ac908/detection\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.virustotal.com/gui/file/38f9ce7243c7851d67b24eb53b16177147f38dfffe201c5bedefe260d22ac908/detection"
	],
	"report_names": [
		"detection"
	],
	"threat_actors": [
		{
			"id": "3fff98c9-ad02-401d-9d4b-f78b5b634f31",
			"created_at": "2023-01-06T13:46:38.376868Z",
			"updated_at": "2026-04-10T02:00:02.949077Z",
			"deleted_at": null,
			"main_name": "Cleaver",
			"aliases": [
				"G0003",
				"Operation Cleaver",
				"Op Cleaver",
				"Tarh Andishan",
				"Alibaba",
				"TG-2889",
				"Cobalt Gypsy"
			],
			"source_name": "MISPGALAXY:Cleaver",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434722,
	"ts_updated_at": 1775791966,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/e9ed8db5b8b9f8f4377af7d221ecc00c23935c18.pdf",
		"text": "https://archive.orkl.eu/e9ed8db5b8b9f8f4377af7d221ecc00c23935c18.txt",
		"img": "https://archive.orkl.eu/e9ed8db5b8b9f8f4377af7d221ecc00c23935c18.jpg"
	}
}