YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 4e7fe0f3168dbb0569f638b5f0e91b538c0ea443ac29cff7e543b20d9b14b43d.

SHA256 hash:	4e7fe0f3168dbb0569f638b5f0e91b538c0ea443ac29cff7e543b20d9b14b43d
File size:	53'814 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	88578132de9b8c11a7e1430e8c982fc8
SHA1 hash:	b09652b27502e2e563e99b794079e8ca52b7ce94
SHA3-384 hash:	c01b4d64df6204f3a9de7768a225622834ecf77affb9021d3506a3cbe81ae0c1cedc12413f082445907668bdc93e74e1
First seen:	2023-01-25 09:35:46 UTC
Last seen:	Never
Sightings:	1
imphash :	f0f0b8deb1535386293e4ec850ef295a Create hunting rule
ssdeep :	768:hqwzz/A78wfHWiJ5AgM/jEk284UKFw2C5wR3l5kxifivsByee0Tsn:lAowfNJFgjT284U+w2EwRzkIUoyeel
TLSH :	T1E6338E6BBCC60476D1D3037124798777AA3F69110EB64297DBD8DD2E2A3A3909D39382 Create hunting rule
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

Signature:	PUA.Win.File.Generic-9752263-0 Create hunting rule

Signature:	PUA.Win.Packer.AcprotectUltraprotect-1 Create hunting rule

Signature:	PUA.Win.Packer.Anti-28 Create hunting rule

Signature:	PUA.Win.Packer.Anti-29 Create hunting rule

Signature:	PUA.Win.Packer.Nspack-1 Create hunting rule

Signature:	PUA.Win.Packer.Nspack-22 Create hunting rule

Signature:	PUA.Win.Packer.Nspack-25 Create hunting rule

Signature:	PUA.Win.Packer.Nspack-26 Create hunting rule

Signature:	Win.Malware.Daws-9952733-0 Create hunting rule

The following YARA rules matched on the file (static analysis).

Rule name:	meth_get_eip Create hunting rule
Author:	Willi Ballenthin
TLP:	TLP:WHITE
Repository:	YARAify

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2023-01-25 09:35:46 UTC Static: 1 Unpacker: 0 ClamAV: 9