YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 3dcc80d884fb8fc23fac2af5f198b8a8330f9f534c78501645b02ff905620d0f.

Scan Results


SHA256 hash: 3dcc80d884fb8fc23fac2af5f198b8a8330f9f534c78501645b02ff905620d0f
File size: 478'888 bytes
MIME type: application/x-dosexec
MD5 hash: 40a4b436ec4560efdde24e5ee35f7eef
SHA1 hash: 2089788fc8cb5d557d9f4e3eb754c64c8fe7f7ee
SHA3-384 hash: bb76eb18e49744afaee8ec40df9188be1db491cb5977089b506fe38b0c73873b54b6bf2ccf033417e0f596e7f824dffe
First seen: 2022-11-24 19:52:24 UTC
Last seen: Never
Sightings: 1
imphash: 477aa2deaa0c765ec0ee08b1bb80e82d
ssdeep: 6144:20G2IYmDvUFBjOUnoGd/B7KEH0Q/qqyJuG/GXu+X98RrJXcEcVsvDZNIfsbcSZ:29TUFAUnvJ1h/MudeLrJXcaOfr
TLSH: T11FA47B12F294C93BD0631A34AC6BA9666039BF1526305E477FEC2D4D6F396C239263D3
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: 84311afb-6c31-11ed-a71a-42010aa4000b
File name: 43b0000.tfh36C4.tmp
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: command_and_control
Author: CD_R0M_
Description: This rule searches for common strings found by malware using C2. Based on a sample used by a Ransomware group
TLP: TLP:WHITE
Repository: CD-R0M

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.