YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 5c6fef52bef0738393cd388014db1ba72708caf7ecb40d0f35497fd318a45db3.

Scan Results


SHA256 hash: 5c6fef52bef0738393cd388014db1ba72708caf7ecb40d0f35497fd318a45db3
File size: 684'032 bytes
MIME type: application/x-dosexec
MD5 hash: 41e9a82f7cb885ea7c8ddcb31440f3a6
SHA1 hash: a71e1ec4a8d54ab190047ff68c5aa618e320b9cd
SHA3-384 hash: 8b3dcffccda00d27b1cd70a660dc2cecd3acf284217a7ad9d19198c9c7f2a805ad47904c3ce3f1b1d1b52a015d347716
First seen: 2022-11-24 19:44:38 UTC
Last seen: Never
Sightings: 1
imphash: 6bac3cfe8acb6c6c4a30aaa022de2388
ssdeep: 6144:l2UL2i9FKe9G6DMz1d2M+od7MHG+tOkWKR0F2UL2i9FKe9G6DMz1d2M+od7MHG++:l2sFd9G6DMz1o87L2sFd9G6DMz1o87
TLSH: T18EE4D01BBE363584DB222B7D941F790C1C1D7C445EE48AFA493A7A863C7AE3967D3009
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: 6eaac420-6c30-11ed-a71a-42010aa4000b
File name: 4760000.exe
Task parameters:
ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: Win.Malware.Ransomx-9959783-0
Signature: Win.Trojan.Ulise-9792178-0
Signature: Win.Trojan.Ulise-9792179-0

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: Suspicious_AutoIt_by_Microsoft_RID334C
Author: Florian Roth
Description: Detects a AutoIt script with Microsoft identification
Reference: Internal Research - VT
TLP: TLP:WHITE

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.