YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 3c6b045c257959f0b800607bd9bacd3db93aa2a60d865a9573ca2d1c75803bd3.

Scan Results

SHA256 hash: 3c6b045c257959f0b800607bd9bacd3db93aa2a60d865a9573ca2d1c75803bd3
File size:122'880 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: 2c4b658061d1f1f8ca4cdfc7142071ba
SHA1 hash: 6330f8464beeffeaa39d2811115ece34deb1e19a
SHA3-384 hash: 87b9222689c06b44ec3042e6deadf0064dec9f72c7cf929db409db8c300140b5d81f1610a56787f07271641a852693ae
First seen:2023-03-26 23:54:00 UTC
Last seen:Never
Sightings:1
imphash :n/a
ssdeep : 3072:ejzhZWxivgmhbI/pqqsFUCN3R96II+YpgvQout:eXC4vgmhbIxs3NB8puQoS
TLSH : T1FEC3BF813D85C53ED02D51396AC9FA3E5874D6741421CE83EFD0FA66AF8D6A0262C7E3
Create hunting rule
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:7aa1b6ce-cc31-11ed-866d-42010aa4000b
File name:400000.a86f00d4eec4ab7cb07f79f2ef69e2bb.exe
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

Signature:Win.Malware.8944b-6803765-0
Create hunting rule
Signature:Win.Malware.Eclz-9953021-0
Create hunting rule
Signature:Win.Malware.Razy-9953022-0
Create hunting rule
Signature:Win.Malware.Sfone-6763601-0
Create hunting rule

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:INDICATOR_SUSPICIOUS_EXE_SandboxUserNames
Create hunting rule
Author:ditekSHen
Description:Detects executables containing possible sandbox analysis VM usernames
TLP:TLP:WHITE
Repository:diˈtekSHən

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.