YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 5b37a34313ec681299c19364c3b85641fbac985f5d719a4a021e0c08ffbe0dd1.

SHA256 hash:	5b37a34313ec681299c19364c3b85641fbac985f5d719a4a021e0c08ffbe0dd1
File size:	679'355 bytes
File download:	Original Unpacked
MIME type:	application/x-dosexec
MD5 hash:	118abd0ac3b30d4b7ba6e6c100999ee4
SHA1 hash:	9ef9f76494d7297df9d47df348682da6c492143c
SHA3-384 hash:	f609a05f715516051ffe2c877f66ba147010cadae7ecc225bd34cd537bf294dcca46e786016e33677e515b8fbadecf86
First seen:	2025-11-20 23:54:36 UTC
Last seen:	Never
Sightings:	1
imphash :	09d0478591d4f788cb3e5ea416c25237 Create hunting rule
ssdeep :	12288:mEtDt+QFAYvL7+3uhyMNfAsLfozPCOZ/5hNeGX9UZPTjOpMZaBY/x4b7GEt:LTdvvdBfAXTBhqt4MZaB3r
TLSH :	T17BE4221162105921F7584B79460AF8E841D7AE3C54D4E64FFAB8BC3E8A367E3293709F Create hunting rule
telfhash :	n/a
gimphash :	n/a
dhash icon :	818da080a0a0a0a2 Create hunting rule

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

Signature:	Win.Trojan.Generic-9773074-0 Create hunting rule

Signature:	Win.Trojan.Gupboot-4 Create hunting rule

The following YARA rules matched on the file (static analysis).

Rule name:	pecompact2 Create hunting rule
Author:	Kevin Falcoz
Description:	PECompact
TLP:	TLP:WHITE

Rule name:	PECompact2xxBitSumTechnologies Create hunting rule
Author:	malware-lu
TLP:	TLP:WHITE
Repository:

Rule name:	PECompactV2XBitsumTechnologies Create hunting rule
Author:	malware-lu
TLP:	TLP:WHITE
Repository:

Rule name:	PECompactv2xx Create hunting rule
Author:	malware-lu
TLP:	TLP:WHITE
Repository:

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2025-11-20 23:54:36 UTC Static: 4 Unpacker: 0 ClamAV: 2