YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 4c05ce56e07442d326b9b25fb32634222a69cd7cfca37726adf359733662ed01.

Scan Results


SHA256 hash: 4c05ce56e07442d326b9b25fb32634222a69cd7cfca37726adf359733662ed01
File size: 460'308 bytes
MIME type: application/x-dosexec
MD5 hash: 9f265dd3d8c18d5b14c963ac6916e312
SHA1 hash: 9b920d085d5c2bd7b513fd8054e7e1f00acefbd2
SHA3-384 hash: 0b29dd2d9d38fd036a532d5f40ac0edbd49f6f8d5652a82a3bb81495b0ed8d6e35670a4c5660bd2b59e62b2bbf297b03
First seen: 2022-11-24 19:50:33 UTC
Last seen: Never
Sightings: 1
imphash: 843ad16c24bfcf1c7640e354eec871d4
ssdeep: 12288:2GzQYR4IeaAVB6ETW82Ku8UKfdndPCoY7h:28lgaAVB6evW8UKlndPkh
TLSH: T1C3A47C29F6C1C537D0624A348C6BDDA5A435BBA02D28645B77FE1F0C4FB97822D272D2
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: 41c88ac6-6c31-11ed-a71a-42010aa4000b
File name: 400000.968849f1-9658-4be0-bdd8-4675844f8d11.exe
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: Win.Malware.Barys-6743002-0
Signature: Win.Malware.Gofot-9940821-0
Signature: Win.Malware.Gofot-9942180-0
Signature: Win.Malware.Gofot-9945738-0

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: command_and_control
Author: CD_R0M_
Description: This rule searches for common strings found by malware using C2. Based on a sample used by a Ransomware group
TLP: TLP:WHITE
Repository: CD-R0M

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.