YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 3e858120814657b5310e217def10746294c6628e7f91f097744cc39289eb732c.

Scan Results


SHA256 hash: 3e858120814657b5310e217def10746294c6628e7f91f097744cc39289eb732c
File size: 262'144 bytes
MIME type: application/x-dosexec
MD5 hash: 938a04522da7760998b006dce592c40a
SHA1 hash: 1ab2d15d5d73f857f619510740b825b265e65641
SHA3-384 hash: 73a4ea26a2887e073ef7596dba241dc7cd9d60c169483d33e3c90605cdaa1bda94b41410f555fb6ef4a94b5092cf2036
First seen: 2025-06-18 22:41:01 UTC
Last seen: Never
Sightings: 1
imphash: 6db997463de98ce64bf5b6b8b0f77a45
ssdeep: 1536:GccYH/Gnc+hmlJQektFe2LkQ3XuhiTMuZXGTIVefVD:yYt7QektFj53XuhuXGQmVD
TLSH: n/a
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


There is 1 task on YARAify for this particular file. The 10 most recent tasks are shown below.

Task Information


Task ID: 4fcd5ce3-4c95-11f0-9b97-42010aa4000b
File name: 400000.Fmomgf32.exe
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: PUA.Win.Packer.Lccwin-2
Signature: Win.Malware.Qukart-6838239-0
Signature: Win.Packed.Lazy-10005437-0
Signature: Win.Trojan.Obfus-38
Signature: Win.Trojan.Padodor-10016488-0
Signature: Win.Trojan.Qukart-6874817-0

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: Sus_Obf_Enc_Spoof_Hide_PE
Author: XiAnzheng
Description: Check for Overlay, Obfuscating, Encrypting, Spoofing, Hiding, or Entropy Technique (can create FP)
TLP: TLP:WHITE
Repository: YARAify

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.