YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 7932ff364ecf6acb693e809a8b9c6a3df832d06fa7caa7a00c250e3cb3443259.

Scan Results


SHA256 hash: 7932ff364ecf6acb693e809a8b9c6a3df832d06fa7caa7a00c250e3cb3443259
File size: 110'592 bytes
MIME type: application/x-dosexec
MD5 hash: a92ab480b2f47100d1f283aa2ac2da39
SHA1 hash: a0a8af7b9025e7b626c7bcf2039408a95d7eafa6
SHA3-384 hash: 7e373d51f97c834274ee87a5dda3f87d2041da3d50a6b5d33cdacc87ff25cc603ccba5d0409c260144bfa31b8e21bc69
First seen: 2026-02-11 17:38:46 UTC
Last seen: Never
Sightings: 1
imphash: 22862a0a5c83d27a3ea1f3e845f0078b
ssdeep: 1536:nfoRq8Mpqb1057UbcxgSmrRgHXTmO0kVJyvvFiDMIjTyFzy7V1mN:ngRq8Wq+9UogSmlg3iO0TFiD5PGN
TLSH: n/a
telfhash: n/a
gimphash: n/a
dhash icon: 2b4db233b3964d07

Tasks


There is 1 task on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID: 84b03d98-0770-11f1-82f6-42010aa4000b
File name: 400000.1856b27f21f9d7c3ac1d8d880dadcc25.exe
Task parameters:
ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: Win.Trojan.Dialer-2745

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: FreddyBearDropper
Author: Dwarozh Hoshiar
Description: Freddy Bear Dropper is dropping a malware through base63 encoded powershell script.
TLP: TLP:WHITE
Repository: YARAify

Rule name: UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser
Author: malware-lu
TLP: TLP:WHITE
Repository:

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.