YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 7b7cf83a41eb2e790dd78f8fd873e2d743b46e5afb62aba1589a96929e6db4e8.

Scan Results


SHA256 hash: 7b7cf83a41eb2e790dd78f8fd873e2d743b46e5afb62aba1589a96929e6db4e8
File size: 262'144 bytes
MIME type: application/x-dosexec
MD5 hash: 7684f3f781fd590282bd16500e79071a
SHA1 hash: 5377e55efd604b683f23cc681274664e82eb0cf0
SHA3-384 hash: bf5196a32be1bef9b4993c9acf023ce30f7f2e8c83a28d62e0148ffb64abb915d7572c5494d49cc9a9f750dc8bf65347
First seen: 2024-10-29 20:26:56 UTC
Last seen: Never
Sightings: 1
imphash: b9afff93d5aa3fa76a3c6c894b2a9a04
ssdeep: 3072:l8ZWyzxsSqfqzXz58tR6VG9qBjfBzcf8pTYLVf41gC3YFDCanJdUeUKkm3fUhl:mtXwR6VlfyrRA1gCYoaJWeZbY
TLSH: n/a
telfhash: n/a
gimphash: n/a
dhash icon: fadadac2f290c4cc

Tasks


There is 1 task on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID: 24d81487-9634-11ef-b6ec-42010aa4000b
File name: 7684f3f781fd590282bd16500e79071a
Task parameters:
ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: MiscreantPunch.SingleXOR.EXE.7.UNOFFICIAL
Signature: Win.Trojan.Agent-372885

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: SEH__vba
Reference: https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP: TLP:WHITE

Rule name: SUSP_XORed_MSDOS_Stub_Message
Author: Florian Roth
Description: Detects suspicious XORed MSDOS stub message
Reference: https://yara.readthedocs.io/en/latest/writingrules.html#xor-strings
TLP: TLP:WHITE
Repository: Neo23x0

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.