YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 1a8bc3f6b2b4c366ede19d194e1487899f163e72c50c6cc4e4ee93a3ceae7c31.

Scan Results

SHA256 hash: 1a8bc3f6b2b4c366ede19d194e1487899f163e72c50c6cc4e4ee93a3ceae7c31
File size:6'558'344 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: b548dad88aab78d9f2e1fc9bb7d6abfd
SHA1 hash: 78efab49ec559b3d28e50f0543a1ebc0aab95a67
SHA3-384 hash: 35083e735763d5f3dd6ee61039af012dabc9f95f87a6904d8b0427803d9796f0b8401582d99f4d6f3258a8697ebab7fe
First seen:2026-04-27 21:07:02 UTC
Last seen:Never
Sightings:1
imphash :n/a
ssdeep : 24576:RBJi4gLSycKx7tKRBtTGXGmm/UiVQ2mQQ2vAE5:zZvmm/UiVQEQsAE
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:099fde3b-427d-11f1-badc-42010aa4000b
File name:144add78.exe
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:NET
Create hunting rule
Author:malware-lu
TLP:TLP:WHITE
Repository:
Rule name:pe_no_import_table
Create hunting rule
Author:
Description:Detect pe file that no import table
TLP:TLP:WHITE
Repository:YARAify
Rule name:Sus_CMD_Powershell_Usage
Create hunting rule
Author:XiAnzheng
Description:May Contain(Obfuscated or no) Powershell or CMD Command that can be abused by threat actor(can create FP)
TLP:TLP:WHITE
Repository:YARAify

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.