YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 27e46b50ded91d6a0ac693c7b1691f48225fc56c34f82315ff4790435c952065.

Scan Results


SHA256 hash: 27e46b50ded91d6a0ac693c7b1691f48225fc56c34f82315ff4790435c952065
File size: 270'454 bytes
MIME type: application/x-dosexec
MD5 hash: 3960b4b080893043034bf6a6bc1b3005
SHA1 hash: c19dbc10a9b7ba98187f65e6409cf942dad7343d
SHA3-384 hash: 9e699a51ed5bbf025a6b3ecd71e9d6569b020c1d64e2e350c7a35ade40dd28a70e520df5328b77e1de0152a231334b63
First seen: 2022-11-24 19:54:03 UTC
Last seen: Never
Sightings: 1
imphash: 87bed5a7cba00c7e1f4015f1bdae2183
ssdeep: 6144:9r8o4URYUe63GtiDHdiGHUdMB32MjLbzQHqIFVorCL1:f4URYUe63GtiDHdiGHUdMB32MjLbzQHD
TLSH: T145442A336346E34FD46286B4172FC074AAEE6E311270A51F78617B072A76F53A5B1B23
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: bf66fae3-6c31-11ed-a71a-42010aa4000b
File name: 400000.e069df47-a996-4f44-82b4-e3a6fdeb9c3e.exe
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: PUA.Win.Packer.MEW-1
Signature: Win.Worm.Brontok-7101103-0
Signature: Win.Worm.Brontok-9939288-0

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: INDICATOR_EXE_Packed_MEW
Author: ditekSHen
Description: Detects executables packed with MEW
TLP: TLP:WHITE
Repository: ditekshen

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.