YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 5557da800d5dcbde2f35df367fbfeca76d4579d90cdf9d1326fab86ca6883065.

SHA256 hash:	5557da800d5dcbde2f35df367fbfeca76d4579d90cdf9d1326fab86ca6883065
File size:	18'494'696 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	04209e61b4c5db058bbbd21ecafb250c
SHA1 hash:	ec65909ac0978be2913357e1bd3424906e4bf9e0
SHA3-384 hash:	58ee4b63ed3861bdc9f862b9c345d864c8500def8b0739ca887150d2570810a2a1b259c066f5841122bb65a07ef5cabb
First seen:	2026-03-11 15:33:08 UTC
Last seen:	Never
Sightings:	1
imphash :	40ab50289f7ef5fae60801f88d4541fc Create hunting rule
ssdeep :	393216:xpFEFsWdA5AfefzYNJ8HLwaNU8vJz0JTl8cG7TxmF:hE+WNGAJc/NU8vB0JR8cG7
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	e8986cd6ccec96e8 Create hunting rule

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	CP_Script_Inject_Detector Create hunting rule
Author:	DiegoAnalytics
Description:	Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	pe_detect_tls_callbacks Create hunting rule
Author:
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	PE_Digital_Certificate Create hunting rule
Author:	albertzsigovits
TLP:	TLP:WHITE
Repository:

Rule name:	shellcode Create hunting rule
Author:	nex
Description:	Matched shellcode byte patterns
TLP:	TLP:WHITE
Repository:	MalwareBazaar

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-03-11 15:33:09 UTC Static: 6 Unpacker: 0 ClamAV: 0