YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 22aaf825faede22ecc8c90f0081b476546efe877435fd6b9183e9bd7a36bfbea.

Scan Results

SHA256 hash: 22aaf825faede22ecc8c90f0081b476546efe877435fd6b9183e9bd7a36bfbea
File size:2'105'344 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: 11113214a555e8330294512a67839039
SHA1 hash: 60888f918d673cafb9048ccdcb52b55a2dec7ed4
SHA3-384 hash: a09e2e17c49cc7edba9aa288402740411d877c7f47ab4a335559a011b2a7b75da03401b9623d971cb3127ae8d8d0b1e8
First seen:2026-03-14 15:29:35 UTC
Last seen:Never
Sightings:1
imphash : a4c070a0a6d85f0dd78c535009a1ecfa
Create hunting rule
ssdeep : 24576:ANkLAb+nIYgY32rwwIWyguQ8Sm/OH+UJDXZKnvxtDKgYjwnf7iF2k0pXnDFR9tvF:uKIYgYHm5+Y+WzkFzZ5B6Eo1g
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon : 00e2968696b6ca00
Create hunting rule

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:9b46ea55-1fba-11f1-b47f-42010aa4000b
File name:11113214a555e8330294512a67839039
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

Signature:Win.Virus.PolyRansom-5704625-0
Create hunting rule
Signature:Win.Virus.Virlock-9958714-0
Create hunting rule

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:CP_Script_Inject_Detector
Create hunting rule
Author:DiegoAnalytics
Description:Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
TLP:TLP:WHITE
Repository:YARAify
Rule name:telebot_framework
Create hunting rule
Author:vietdx.mb
TLP:TLP:WHITE
Repository:YARAify

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.