YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 24ebad16b4363a7ae87fe818ddd6ac29406f6f87c7aa941e6da969c9d2290ee9.

Scan Results

SHA256 hash: 24ebad16b4363a7ae87fe818ddd6ac29406f6f87c7aa941e6da969c9d2290ee9
File size:33'954 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: 435f09d69a4b70576b438333a9bba166
SHA1 hash: 33fed29a6e190ff45bcddf1dfae2dd96dbf6804a
SHA3-384 hash: 80ca18857708552b96730e1da94d65d23b69a970fd9cbd5c62209ce2d05f06c1d6f6d0cc9bae23f602f907248b887cce
First seen:2026-02-11 17:43:14 UTC
Last seen:Never
Sightings:1
imphash : 22a685e41a07ba083b8a82a91f78aa28
Create hunting rule
ssdeep : 192:1bvQAJw4roxkjUQl5gvYLTW9jLhmhwX9juEOpw6gKMvX:1bvQA5roWUI5xS9g2tjuEP6Y
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:24910dd8-0771-11f1-82f6-42010aa4000b
File name:2ef0000.dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:command_and_control
Create hunting rule
Author:CD_R0M_
Description:This rule searches for common strings found by malware using C2. Based on a sample used by a Ransomware group
TLP:TLP:WHITE
Repository:CD-R0M
Rule name:CP_Script_Inject_Detector
Create hunting rule
Author:DiegoAnalytics
Description:Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
TLP:TLP:WHITE
Repository:YARAify
Rule name:UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser
Create hunting rule
Author:malware-lu
TLP:TLP:WHITE
Repository:

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.