YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 9a92d83621bba30c0fac9ba1ef29c0c944d38d3c199eda25efd1441ce6e40068.

Scan Results


SHA256 hash: 9a92d83621bba30c0fac9ba1ef29c0c944d38d3c199eda25efd1441ce6e40068
File size: 77'941'760 bytes
MIME type: application/x-dosexec
MD5 hash: 1687ed72764a7123cfca0fb2a3f180dc
SHA1 hash: 15cccd993b4425a81355196bdeb27fa61bec4fc2
SHA3-384 hash: 2b2127d5317f58145aa5ee3cbad31336ea204cfdfd5402b296716ac545e833cd8552cce99b5dee2dd9d3bd782f32c5d1
First seen: 2025-11-21 18:57:12 UTC
Last seen: Never
Sightings: 1
imphash: d8a0e32155e501ac7d70ab9694c24697
ssdeep: 49152:F/OVNFNzIZEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEp:F4FN
TLSH: n/a
telfhash: n/a
gimphash: n/a
dhash icon: c0ccecccc4c8dc00

Tasks


There is 1 task on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID: e3c32d64-c70b-11f0-a73e-42010aa4000b
File name: 1687ed72764a7123cfca0fb2a3f180dc
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: Win.Trojan.HTran-6964504-0

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: Anthem_DeepPanda_htran_exe
Author: Florian Roth
Description: Anthem Hack Deep Panda - htran-exe
TLP: TLP:WHITE
Repository:

Rule name: DebuggerCheck__API
Reference: https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP: TLP:WHITE

Rule name: DebuggerCheck__QueryInfo
Reference: https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP: TLP:WHITE

Rule name: DebuggerHiding__Thread
Reference: https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP: TLP:WHITE

Rule name: DeepPanda_htran_exe
Author: Florian Roth (Nextron Systems)
Description: Hack Deep Panda - htran-exe
TLP: TLP:WHITE
Repository: Neo23x0

Rule name: DeepPanda_htran_exe_RID2E90
Author: Florian Roth
Description: Hack Deep Panda - htran-exe
Reference: -
TLP: TLP:WHITE

Rule name: dgaagas
Author: Harshit
Description: Uses certutil.exe to download a file named test.txt
TLP: TLP:WHITE
Repository: YARAify

Rule name: IronPanda_Malware_Htran
Author: Florian Roth
Description: Iron Panda Malware Htran
Reference: https://goo.gl/E4qia9
TLP: TLP:WHITE
Repository: Neo23x0

Rule name: IronPanda_Malware_Htran
Author: Florian Roth (Nextron Systems)
Description: Iron Panda Malware Htran
Reference: https://goo.gl/E4qia9
TLP: TLP:WHITE
Repository: Neo23x0

Rule name: IronPanda_Malware_Htran_RID3011
Author: Florian Roth
Description: Iron Panda Malware Htran
Reference: https://goo.gl/E4qia9
TLP: TLP:WHITE

Rule name: MD5_Constants
Author: phoul (@phoul)
Description: Look for MD5 constants
TLP: TLP:WHITE
Repository:

Rule name: meth_stackstrings
Author: Willi Ballenthin
TLP: TLP:WHITE
Repository: YARAify

Rule name: RIPEMD160_Constants
Author: phoul (@phoul)
Description: Look for RIPEMD-160 constants
TLP: TLP:WHITE
Repository:

Rule name: SHA1_Constants
Author: phoul (@phoul)
Description: Look for SHA1 constants
TLP: TLP:WHITE
Repository:

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.