YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 77ab50b053278ba2c1b2286ad25d1adb78453cc45d10737cdd310b5ecefdd14f.

Scan Results

SHA256 hash: 77ab50b053278ba2c1b2286ad25d1adb78453cc45d10737cdd310b5ecefdd14f
File size:18'944 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: 04ca7002cae2d6c20131c05ac0dbede3
SHA1 hash: 88553c922ce37187de46631b17b7ede2040f74ce
SHA3-384 hash: 4813a2af61bc7ae9397fc25940b2f93bb47dd7a12c299283f319ae5c1a501faf6a598ac4944f614ff44b5e0d10398e84
First seen:2025-11-21 02:55:31 UTC
Last seen:Never
Sightings:1
imphash : f82124b0907b9d86d349deb917bfa903
Create hunting rule
ssdeep : 384:WS2B4TPYcIMCS+5mTwmw+Iog98RRXvDMJs4:r2aTPYfSK9mwhoLMb
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:8b4e8c57-c685-11f0-adeb-42010aa4000b
File name:04ca7002cae2d6c20131c05ac0dbede3
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

Signature:Win.Trojan.Agent-1016752
Create hunting rule

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:CP_Script_Inject_Detector
Create hunting rule
Author:DiegoAnalytics
Description:Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
TLP:TLP:WHITE
Repository:YARAify
Rule name:shellcode
Create hunting rule
Author:nex
Description:Matched shellcode byte patterns
TLP:TLP:WHITE
Repository:MalwareBazaar
Rule name:ThreadControl__Context
Create hunting rule
Reference:https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP:TLP:WHITE
Rule name:Windows_Generic_Threat_3c4d9cbe
Create hunting rule
Author:Elastic Security
TLP:TLP:WHITE
Repository:elastic

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.