YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 51418b3fc73fe33287f6b1ef2812e389f18bd22d61b9d36da448121d4240eb41.

SHA256 hash:	51418b3fc73fe33287f6b1ef2812e389f18bd22d61b9d36da448121d4240eb41
File size:	74'240 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	29213ddd1f61c20ee87e16f681da59c6
SHA1 hash:	719b3411b3c489fe3d064cf5a3f19635aa0384f5
SHA3-384 hash:	35ca848ba0e3f1f7ac11492ceb1358a14c7d43a4b4ce2597ce61a3178e2635d05006c0bc3c14fc537a4178e6f891bbee
First seen:	2026-03-15 13:16:24 UTC
Last seen:	Never
Sightings:	1
imphash :	5d2578ed274aad83c30a3917c98404ee Create hunting rule
ssdeep :	1536:6ceaOTYJdfTLPOciLigjWu9jynOdFMEFVl1:6HsJAu17YMEFVl1
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	DebuggerHiding__Thread Create hunting rule
Reference:	https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP:	TLP:WHITE

Rule name:	VECT_Ransomware Create hunting rule
Author:	Mustafa Bakhit
Description:	Detects activity associated with VECT ransomware. This includes registry modifications and deletions, execution of system and defense-evasion commands, suspicious API usage, mutex creation, file and memory manipulation, ransomware note generation, anti-debugging and anti-analysis techniques, and embedded cryptographic constants (SHA256) characteristic of this malware family. Designed for threat intelligence and malware detection environments.
TLP:	TLP:WHITE
Repository:	YARAify

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-03-15 13:16:25 UTC Static: 2 Unpacker: 0 ClamAV: 0