YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 5b05190a0a2b045a89e45419850412f114e259c6500f36b61d71c6bf1deba9f0.

SHA256 hash:	5b05190a0a2b045a89e45419850412f114e259c6500f36b61d71c6bf1deba9f0
File size:	2'195'288 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	16c60f5426c47cff25977e952833f150
SHA1 hash:	5d40bd2c49c244e2927a84374ba66b82dc9784ee
SHA3-384 hash:	112b338538b6f54d9e53f2826f54928a0b52f9f176f5b21788bf74669b0384d9c2f69e9b1167bb753f88d7a31fa0db1d
First seen:	2025-11-20 23:47:35 UTC
Last seen:	Never
Sightings:	1
imphash :	40ab50289f7ef5fae60801f88d4541fc Create hunting rule
ssdeep :	49152:1wREDDMKXX3iiDjQOE8iip1RYgkeMpEELBOJJ:1wRE1XXSYkOp/kZ8JJ
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	54807ef8b8cfe830 Create hunting rule

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	CP_Script_Inject_Detector Create hunting rule
Author:	DiegoAnalytics
Description:	Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	pe_detect_tls_callbacks Create hunting rule
Author:
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	PE_Digital_Certificate Create hunting rule
Author:	albertzsigovits
TLP:	TLP:WHITE
Repository:

Rule name:	shellcode Create hunting rule
Author:	nex
Description:	Matched shellcode byte patterns
TLP:	TLP:WHITE
Repository:	MalwareBazaar

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2025-11-20 23:47:35 UTC Static: 6 Unpacker: 0 ClamAV: 0