YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 1efbd88b0a03dc5bda5c3e1a0e7d979fd5cb0cd82ddd4fef45656bc6c1c936a8.

SHA256 hash:	1efbd88b0a03dc5bda5c3e1a0e7d979fd5cb0cd82ddd4fef45656bc6c1c936a8
File size:	393'216 bytes
File download:	Original
MIME type:	application/octet-stream
MD5 hash:	ed58bcecc916b904b9c39d595b40289f
SHA1 hash:	d81ec652b2f4a28147ce0027f94b7c87e5dfa998
SHA3-384 hash:	a6cb7b10d24bd537b7e760fffca43b96732a9dd25b5b1686106dbbe79dd03aebe6e52774fd6fa8eeffb9ca3fc3d52e9f
First seen:	2026-03-06 06:24:06 UTC
Last seen:	Never
Sightings:	1
imphash :	n/a
ssdeep :	6144:u7sx/IA34n9euS8Ybr762bGUqaiZUdTkHg3h5q2l9iV50DErOciW:u7smA3P8YmjaiZUdwwq2lbDZci
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	malware_shellcode_hash Create hunting rule
Author:	JPCERT/CC Incident Response Group
Description:	detect shellcode api hash value
TLP:	TLP:WHITE
Repository:	JPCERTCC

Rule name:	SHA512_Constants Create hunting rule
Author:	phoul (@phoul)
Description:	Look for SHA384/SHA512 constants
TLP:	TLP:WHITE
Repository:

Rule name:	vmdetect Create hunting rule
Author:	nex
Description:	Possibly employs anti-virtualization techniques
TLP:	TLP:WHITE
Repository:

Rule name:	win_m0yv_auto Create hunting rule
Author:	Felix Bilstein - yara-signator at cocacoding dot com
Description:	Detects win.m0yv.
TLP:	TLP:WHITE
Repository:	Malpedia

Rule name:	Windows_Generic_Threat_ebf62328 Create hunting rule
Author:	Elastic Security
TLP:	TLP:WHITE
Repository:	elastic

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-03-06 06:24:06 UTC Static: 5 Unpacker: 0 ClamAV: 0