YARAify Scan Results
You are viewing the YARAify database entry for the file with the SHA256 hash 27ab8e5657794921189570170d502257416d477e5709d93e03cfc52afc0274bb.
Scan Results
| SHA256 hash: | 27ab8e5657794921189570170d502257416d477e5709d93e03cfc52afc0274bb | |
|---|---|---|
| File size: | 1'973'091 bytes | |
| File download: | Original | |
| MIME type: | application/x-dosexec | |
| MD5 hash: | 649e7d594c1c504512167ea05c4a0929 | |
| SHA1 hash: | 75363cd0bed360d5493c9e1fac80cbda1a190521 | |
| SHA3-384 hash: | efacb3fb86f2a38dd194cafd1a0a6125a52819b74c3b4c33d00170107722ff17d303379612c1307a886012d6163f63de | |
| First seen: | 2023-01-25 09:40:20 UTC | |
| Last seen: | Never | |
| Sightings: | 1 | |
| imphash : | 45334d723c94cf88acf188da36b5f4e2 | |
| ssdeep : | 49152:kpiVHhGkF/7kgZD8f1D6/geI+bLyKsOD7PBOO3J:kpiV4f1D6/geI6sY | |
| TLSH : | T116959E27B9401062F9FB1E7C59A9736B89ADA8304B2184C775F04ADF496A1F06D3E34F | |
| telfhash : | n/a | |
| gimphash : | n/a | |
| dhash icon : | n/a | |
Tasks
There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.
Task Information
| Task ID: | 487ce610-9c94-11ed-98c2-42010aa4000b | |
|---|---|---|
| File name: | 74ca0000.KERNELBASE.dll | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | False | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
No matches
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | Raspberry_Robin_DLL_MAY_2022 |
|---|---|
| Author: | CD_R0M_ |
| Description: | Detects DLL dropped by Raspberry Robin. |
| Reference: | https://redcanary.com/blog/raspberry-robin/ |
| TLP: | TLP:WHITE |
| Repository: | CD-R0M |
Unpacker
The following YARA rules matched on the unpacked file.
Disabled by submitter
Unpacked Files
The following files could be unpacked from this sample.
Disabled by submitter