YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 45ccbf77f24c3e10627099eadd69796213aabf4b67ebeb7ef1df417cf990826a.

Scan Results

SHA256 hash: 45ccbf77f24c3e10627099eadd69796213aabf4b67ebeb7ef1df417cf990826a
File size:3'084'288 bytes
File download: Original
MIME type:application/octet-stream
MD5 hash: 17fe0566f59e387f3da3a29b005c376c
SHA1 hash: 1a5c128d48718e0a4280c49ac80c81ba1329c8db
SHA3-384 hash: 35e6906727668cf68f70f7c7440c3c3561801fc012f4d00179b2b079955f2a9095bed047908178d7f39c4290a41c15af
First seen:2026-03-16 12:36:26 UTC
Last seen:Never
Sightings:1
imphash :n/a
ssdeep : 12288:IaqyhmuIzDEXSVm2qg0SsRQwbV72HYuNbs/a/0xMVxEZKxb2O:ITyCDR/qgXsawJ6Y1MMZKxb2
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:c02d9f54-2134-11f1-b47f-42010aa4000b
File name:7410000.shc
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:SUSP_XORed_Mozilla_Oct19
Create hunting rule
Author:Florian Roth
Description:Detects suspicious single byte XORed keyword 'Mozilla/5.0' - it uses yara's XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key.
Reference:https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force()
TLP:TLP:WHITE
Repository:Neo23x0
Rule name:SUSP_XORed_Mozilla_RID2DB4
Create hunting rule
Author:Florian Roth
Description:Detects suspicious XORed keyword - Mozilla/5.0
Reference:Internal Research
TLP:TLP:WHITE

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.