YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 218dff3a90c81a328ba1677874da0c1c31d47c042409f1de950ff336140f853e.

Scan Results

SHA256 hash: 218dff3a90c81a328ba1677874da0c1c31d47c042409f1de950ff336140f853e
File size:26'536 bytes
File download: Original Unpacked
MIME type:application/x-dosexec
MD5 hash: 1a443dc7d9d5ac871b24dd056c23d795
SHA1 hash: 2aad63badc35c62fc2b21d941ebe190f26eb0335
SHA3-384 hash: 43f47fc493b546696898c9b2913a727e08f145599b0145eef498bf3a82098293a4c62e2155ce2c728fdea89b7fd10d2c
First seen:2026-01-15 15:27:33 UTC
Last seen:Never
Sightings:1
imphash : dae02f32a21e03ce65412f6e56942daa
Create hunting rule
ssdeep : 768:gPlBGdyjhkQnRGuBhjMJEFsQFtMrNh/bcYi65ALp:gNBGdyFkQnRGOhjMJEFsQFtMrNh/bc7L
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:b6cde62b-f226-11f0-9df4-42010aa4000b
File name:1a443dc7d9d5ac871b24dd056c23d795
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:extracted_at_0x44b
Create hunting rule
Author:cb
Description:sample - file extracted_at_0x44b.exe
Reference:Internal Research
TLP:TLP:WHITE
Repository:MalwareBazaar
Rule name:NETDLLMicrosoft
Create hunting rule
Author:malware-lu
TLP:TLP:WHITE
Repository:
Rule name:PE_Digital_Certificate
Create hunting rule
Author:albertzsigovits
TLP:TLP:WHITE
Repository:

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.