YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 615896ca0cdee6dc508a42fdb11c4bbf974021d109eaf45e4daf01000cf89cbc.

Scan Results

SHA256 hash: 615896ca0cdee6dc508a42fdb11c4bbf974021d109eaf45e4daf01000cf89cbc
File size:4'250'096 bytes
File download: Original Unpacked
MIME type:application/x-dosexec
MD5 hash: 02f3be55aff2680b0aa87c32d637112d
SHA1 hash: 8068685e0bd022fee526bc36a4d1ef8a9d14f976
SHA3-384 hash: fb753e86160f4f3f3906df628230f3e6c6aad1d6adffe21612d1af0ead0e69ba44048c3709d4cd270019e5cf95f4c8cf
First seen:2025-11-21 00:05:25 UTC
Last seen:Never
Sightings:1
imphash : af1e21cf3c6d8ffd152142b29862d94e
Create hunting rule
ssdeep : 49152:Q3e5hrb22Anlf4MJi/75ar+j8inM9jGalhh+jCnM/QAIu1t/dXbX0kP8lFmYUVR+:Q3e5Ba7nye9jGalLFmYUVRbanac
TLSH : T13416FA1BFB10E009F4024030AE97D6665A14BD3994489E0BB3C8BF5DBE716E3A9F531B
Create hunting rule
telfhash :n/a
gimphash :n/a
dhash icon : f4d22c6c8a9b4080
Create hunting rule

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:c7f6ce52-c66d-11f0-adeb-42010aa4000b
File name:02f3be55aff2680b0aa87c32d637112d
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:BitcoinAddress
Create hunting rule
Author:Didier Stevens (@DidierStevens)
Description:Contains a valid Bitcoin address
TLP:TLP:WHITE
Repository:MalwareBazaar
Rule name:SEH__vba
Create hunting rule
Reference:https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP:TLP:WHITE

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.