YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 0235975c0cb979c92a100e8d1e38149f65c51b5f8642d2cbe0e9bc855445c55b.

Scan Results


SHA256 hash: 0235975c0cb979c92a100e8d1e38149f65c51b5f8642d2cbe0e9bc855445c55b
File size:52'736 bytes
File download: Original
MIME type:application/CDFV2
MD5 hash: e824c058870749d47fb65a7cd2ad9949
SHA1 hash: 1515bbc854ef6f4647a05f2baec72b0dc5dbaed3
SHA3-384 hash: f34b2030ea9cf8a164f4cadb548c9e2c1714409c36fd3aa3f3c61de42dc0df8ca6827292f211c08a6c426faef5bc4d5b
First seen:2022-11-24 19:43:33 UTC
Last seen:Never
Sightings:1
imphash :n/a
ssdeep : 768:Dlx6DvKJe5ECkcztet8mUeb/P53FLpSvE0cH0NL:DlsiJGE+tet1Ug/PHLpSv9HNL
TLSH : T12D330604B350CC2BD1A64A320CD3E7DA6B34FC92EE52971732887B1F7D39A549C62B55
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks


You can browse the 10 most recent tasks associated with this file blow.

Task Information


Task ID:47df0a6f-6c30-11ed-a71a-42010aa4000b
File name:vbaProject.bin
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:informational_win_ole_protected
Author:Jeff White (karttoon@gmail.com) @noottrak
Description:Identify OLE Project protection within documents.
TLP:TLP:WHITE
Repository:karttoon

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.