YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 6db1e7c9eb12dedd81f9a77a5b556c77c6a9f29679b818550878732d5d079de4.

Scan Results


SHA256 hash: 6db1e7c9eb12dedd81f9a77a5b556c77c6a9f29679b818550878732d5d079de4
File size:7'456'768 bytes
File download: Original Unpacked
MIME type:application/x-dosexec
MD5 hash: 0ab11ae332b557c95ef4333a91998cc8
SHA1 hash: ec391786ef51e4dad1b67aa86d8cd9990360dc6a
SHA3-384 hash: 6a40871a2ec70e76b02306b1c1c3015a1f23cbc881e12d0636b6dd2e940b6c038579f6e2205edefae0f7fb47fcfdbea1
First seen:2026-04-07 15:42:50 UTC
Last seen:Never
Sightings:1
imphash : 7af306ce567e329fdb1da118445868b0
ssdeep : 98304:xNunjNunGm0R8q410SpNe1t2V5Czs1EYxqLN4eCUxA8nee1bgCaKKONNC45JYOlr:PSBSoyq4WvWgoCCU1etCgOjb5mOl
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon : 3558e8f0d8b27133

Tasks


There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID:6f517b26-3298-11f1-b47f-42010aa4000b
File name:0ab11ae332b557c95ef4333a91998cc8
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature:SecuriteInfo.com.Win64.Trojan.Agent.26KYMH.UNOFFICIAL

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:CP_Script_Inject_Detector
Author:DiegoAnalytics
Description:Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
TLP:TLP:WHITE
Repository:YARAify
Rule name:DebuggerCheck__API
Reference:https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP:TLP:WHITE
Rule name:golang_bin_JCorn_CSC846
Author:Justin Cornwell
Description:CSC-846 Golang detection ruleset
TLP:TLP:WHITE
Repository:YARAify
Rule name:TH_AntiVM_MassHunt_Win_Malware_2026_CYFARE
Author:CYFARE
Description:Detects Windows malware employing anti-VM / anti-sandbox evasion techniques across VMware, VirtualBox, Hyper-V, QEMU, Xen, and generic sandbox environments
Reference:https://cyfare.net/
TLP:TLP:WHITE
Repository:YARAify
Rule name:TH_Generic_MassHunt_Win_Malware_2025_CYFARE
Author:CYFARE
Description:Generic Windows malware mass-hunt rule - 2025
Reference:https://cyfare.net/
TLP:TLP:WHITE
Repository:YARAify

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.