{ "id": "6e42748d-ba07-49ad-a841-27a2ff8b00aa", "created_at": "2026-04-06T02:13:14.45238Z", "updated_at": "2026-04-10T03:32:46.090334Z", "deleted_at": null, "sha1_hash": "f7f6595413d954721b9c451695cee3efd3d8df77", "title": "VirusTotal - File - 3c1cfc2b8b7e5c2d713ec5f329aa58a6b56a08240199761ba6da91e719d30705", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 61694, "plain_text": "SUMMARY DETECTION DETAILS RELATIONS BEHAVIOR COMMUNITY 3\r\nJoin our Community and enjoy additional community insights and crowdsourced detections, plus an\r\nAPI key to automate checks.\r\nPopular\r\nthreat label\r\ntrojan.matadoor Threat categories trojan Family labels matadoor\r\nAhnLab-V3 Trojan/Win.Generic.C5285777\r\nAlibaba Trojan:Win64/Matadoor.4c0986d9\r\nALYac Trojan.Agent.MataDoor\r\nAntiy-AVL Trojan/Win64.NukeSped\r\nArctic Wolf Unsafe\r\nBkav Pro W64.AIDetectMalware\r\nCrowdStrike Falcon Win/malicious_confidence_100% (W)\r\nCynet Malicious (score: 100)\r\nDeepInstinct MALICIOUS\r\nDrWeb Trojan.Siggen21.14181\r\nElastic Malicious (high Confidence)\r\nFortinet Riskware/Trojan\r\nIkarus PUA.VProtect\r\nKaspersky Trojan.Win64.Matadoor.bm\r\nLionic Trojan.Win32.Matadoor.4!c\r\nMalwarebytes Malware.AI.1008105470\r\nMaxSecure Trojan.Malware.215142796.susgen\r\nMcAfee Scanner Ti!3C1CFC2B8B7E\r\nNANO-Antivirus Trojan.Win64.Mlw.jxzlsx\r\nPanda Trj/Chgt.AD\r\nRising Trojan.MataDoor!8.16827 (TFE:5:baEiiJnlO4P)\r\nSentinelOne (Static ML) Static AI - Suspicious PE\r\nSkyhigh (SWG) BehavesLike.Win64.Dropper.tc\r\nSophos Mal/Generic-S\r\nSymantec ML.Attribute.HighConfidence\r\nSecurity vendors' analysis Do you want to automate checks?\r\n3c1cfc2b8b7e5c2d713ec5f329aa58a6b56a0824 Sign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/3c1cfc2b8b7e5c2d713ec5f329aa58a6b56a08240199761ba6da91e719d30705/detection\r\nPage 1 of 3\n\nTrellix (ENS) Trojan-FWHY!FE9338246434\r\nTrellix (HX) Generic.mg.fe93382464347be4\r\nAcronis (Static ML) Undetected\r\nAliCloud Undetected\r\nArcabit Undetected\r\nAvast Undetected\r\nAVG Undetected\r\nAvira (no cloud) Undetected\r\nBaidu Undetected\r\nBitDefender Undetected\r\nClamAV Undetected\r\nCMC Undetected\r\nCTX Undetected\r\nEmsisoft Undetected\r\neScan Undetected\r\nESET-NOD32 Undetected\r\nGData Undetected\r\nGoogle Undetected\r\nGridinsoft (no cloud) Undetected\r\nHuorong Undetected\r\nJiangmin Undetected\r\nK7AntiVirus Undetected\r\nK7GW Undetected\r\nKingsoft Undetected\r\nMicrosoft Undetected\r\nPalo Alto Networks Undetected\r\nQuickHeal Undetected\r\nSecureAge Undetected\r\nSUPERAntiSpyware Undetected\r\nTACHYON Undetected\r\nTEHTRIS Undetected\r\nTencent Undetected\r\nTrapmine Undetected\r\nTrendMicro Undetected\r\nTrendMicro-HouseCall Undetected\r\nVarist Undetected\r\nVBA32 Undetected\r\nVIPRE Undetected\r\nSign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/3c1cfc2b8b7e5c2d713ec5f329aa58a6b56a08240199761ba6da91e719d30705/detection\r\nPage 2 of 3\n\nVirIT Undetected\r\nViRobot Undetected\r\nWebroot Undetected\r\nWithSecure Undetected\r\nXcitium Undetected\r\nYandex Undetected\r\nZillya Undetected\r\nZoner Undetected\r\nAvast-Mobile Unable to process file type\r\nBitDefenderFalx Unable to process file type\r\nSymantec Mobile Insight Unable to process file type\r\nTrustlook Unable to process file type\r\nSign in Sign up\r\nWe use cookies and related technologies to remember user preferences, for security, to\r\nanalyse our traffic, and to enable website functionality. Learn more about cookies in our\r\nPrivacy Notice. Ok\r\nhttps://www.virustotal.com/gui/file/3c1cfc2b8b7e5c2d713ec5f329aa58a6b56a08240199761ba6da91e719d30705/detection\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia" ], "references": [ "https://www.virustotal.com/gui/file/3c1cfc2b8b7e5c2d713ec5f329aa58a6b56a08240199761ba6da91e719d30705/detection" ], "report_names": [ "detection" ], "threat_actors": [ { "id": "3fff98c9-ad02-401d-9d4b-f78b5b634f31", "created_at": "2023-01-06T13:46:38.376868Z", "updated_at": "2026-04-10T02:00:02.949077Z", "deleted_at": null, "main_name": "Cleaver", "aliases": [ "G0003", "Operation Cleaver", "Op Cleaver", "Tarh Andishan", "Alibaba", "TG-2889", "Cobalt Gypsy" ], "source_name": "MISPGALAXY:Cleaver", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1775441594, "ts_updated_at": 1775791966, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/f7f6595413d954721b9c451695cee3efd3d8df77.pdf", "text": "https://archive.orkl.eu/f7f6595413d954721b9c451695cee3efd3d8df77.txt", "img": "https://archive.orkl.eu/f7f6595413d954721b9c451695cee3efd3d8df77.jpg" } }