YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 062b356fcea4f40574b274ba15ab5a779e44a04e402930b69bf441b8fc156120.

Scan Results


SHA256 hash: 062b356fcea4f40574b274ba15ab5a779e44a04e402930b69bf441b8fc156120
File size:10'411'557 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: b351b2e3eef07ecad7ed151c9334dc00
SHA1 hash: 37146b41392e4121a4e7f1f0275bbff9e4f7e382
SHA3-384 hash: 64cedecd9b6171dfb59f0e09c6ffe2689e2efed0e88c575b0502f683cd3dd1035b1d34496ea8801e767ca42918a84f97
First seen:2022-11-24 19:49:46 UTC
Last seen:Never
Sightings:1
imphash : 5da099d1d7b81bdf3e10f81cae529e24
ssdeep : 98304:so6fPKNyv6LBDFYWjv4p4nhJuRgIDH2oIAxOT90wBEDCP8a:sLPEy6LBmC4p4hJuRBDH2FCOTt
TLSH : T114A66B8DABF486E0D167C274C59786B3FAB0B8458D34971B1190D75E2F33AE2DA1E720
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks


You can browse the 10 most recent tasks associated with this file blow.

Task Information


Task ID:261827e7-6c31-11ed-a71a-42010aa4000b
File name:7ffb31ed0000.clr.dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_xfilesstealer_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.xfilesstealer.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.