YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 51212ebb60c573b42b606f814cc01e4d0d2186c6374d937c38b2b30513a83108.

Scan Results


SHA256 hash: 51212ebb60c573b42b606f814cc01e4d0d2186c6374d937c38b2b30513a83108
File size:316'086 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: ec0b5544b559f946c9e9036852bd079a
SHA1 hash: 13f7551d30812d24c63c7f7f9830a5c173f6d4fb
SHA3-384 hash: 65aa0606dff3092e091d1494ef67f59a933d65b08b82924399e227cafd27e86cacbc397b670711f2e82e1721d8ca67a0
First seen:2023-01-25 09:39:49 UTC
Last seen:Never
Sightings:1
imphash : a620f3ccf29aa747bcdc0aea9e7e34be
ssdeep : 6144:V/eHnriXUU5EYCTvaBjRjWrLJKuKnGML5Njcx5:ByOUusvalgg5Nja
TLSH : T1A864CF0A73AA454AE677493C3A66C29112A3BD784F2746DB3587313E3DB5E520C2EF43
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks


You can browse the 10 most recent tasks associated with this file blow.

Task Information


Task ID:3605a896-9c94-11ed-98c2-42010aa4000b
File name:400000.system.exe
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature:Win.Malware.Moonlight-9890813-0
Signature:Win.Malware.Moonlight-9934254-0
Signature:Win.Malware.Moonlight-9934996-0
Signature:Win.Trojan.Moonlight-9881795-0
Signature:Win.Trojan.Virut-113
Signature:Win.Trojan.Virut-22
Signature:Win.Trojan.Virut-308
Signature:Win.Worm.Moonlight-9779178-0
Signature:Win.Worm.Ulise-9778387-0
Signature:Win.Worm.VB-663

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:command_and_control
Author:CD_R0M_
Description:This rule searches for common strings found by malware using C2. Based on a sample used by a Ransomware group
TLP:TLP:WHITE
Repository:CD-R0M
Rule name:meth_get_eip
Author:Willi Ballenthin
TLP:TLP:WHITE
Repository:yaraify
Rule name:TeslaCryptPackedMalware
TLP:TLP:WHITE
Repository:malware-bazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.