YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 391e4ae9d19d44f3cd6f2a8293080cf1720143ae8b3cb52a92cc4a5bd5fada97.

Scan Results


SHA256 hash: 391e4ae9d19d44f3cd6f2a8293080cf1720143ae8b3cb52a92cc4a5bd5fada97
File size: 10'113'680 bytes
MIME type: application/x-dosexec
MD5 hash: 0f34395b2f73d7b790f241371e95a181
SHA1 hash: fed71410383dda1b0584b96f61c13357a7218212
SHA3-384 hash: 37bdfcf7d78048a90dc06c8498f6e06d11f9e065d5b9b96ab09049fda9c752198db5c4e3596e81fbcb3bf4a7877c0153
First seen: 2023-01-25 09:39:46 UTC
Last seen: Never
Sightings: 1
imphash: c2449bdb5a1c65896147655caa06f32b
ssdeep: 196608:bXbTNCWH+CZyk9YkaLarfW42p+8eZJ1bE72DN:bnMWH+CZgOrfWFp+8IVE7CN
TLSH: T131A64B55F6AA81B5D133D0BEC6CBD65BEAF2384467304EC711028B5A1E377E2853A723
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: 3461ba59-9c94-11ed-98c2-42010aa4000b
File name: 7fff91d80000.mscorwks.dll
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: Mimikatz_Generic
Author: Still
Description: attempts to match all variants of Mimikatz
TLP: TLP:WHITE
Repository: malware-bazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.