YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 7c9d89906c0f5c4beb2a2f0757fc2e3e910fc19c2f731ee07cec13a281ad3c6f.

Scan Results


SHA256 hash: 7c9d89906c0f5c4beb2a2f0757fc2e3e910fc19c2f731ee07cec13a281ad3c6f
File size:8'192 bytes
File download: Original
MIME type:application/octet-stream
MD5 hash: c060f0840ae23262169390142f4c6c87
SHA1 hash: 64042373aed1613c7265891bfa4e47bd026f7fc1
SHA3-384 hash: e380a3659764132cf0ec31f0fc864929e5072246eeec5df8337794038f8cd6f43e037187052b000182360550e3f6e71c
First seen:2022-11-24 19:48:39 UTC
Last seen:2022-11-24 19:48:41 UTC
Sightings:10
imphash :n/a
ssdeep : 96:Emk4ozYLhNUfuUj9Gh8fq2M4XMyoymY0sUWC0Y5SgLTLuiPDxndukSXm5D4UpI7q:ttoMYf9jEh8f2c151Y5LfikDxDJReCR
TLSH : T16FF12C9209463367DDA624B0FC1606CE65DAC7FA07449DFB730D94515FF32E68E74248
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks


You can browse the 10 most recent tasks associated with this file blow.

Task Information


Task ID:ff02f94e-6c30-11ed-a71a-42010aa4000b
File name:2870000.shc
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:ff074548-6c30-11ed-a71a-42010aa4000b
File name:2870000.corrupt_dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:ff3e7eb4-6c30-11ed-a71a-42010aa4000b
File name:20000.corrupt_dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:ff42fc19-6c30-11ed-a71a-42010aa4000b
File name:20000.shc
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:ff476b8c-6c30-11ed-a71a-42010aa4000b
File name:2870000.shc
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:ff4bd3ce-6c30-11ed-a71a-42010aa4000b
File name:2870000.corrupt_dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:fe5e4e57-6c30-11ed-a71a-42010aa4000b
File name:4700000.shc
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:fe62f6f7-6c30-11ed-a71a-42010aa4000b
File name:24e0000.corrupt_dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:fe677c79-6c30-11ed-a71a-42010aa4000b
File name:24e0000.shc
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID:fe58cda1-6c30-11ed-a71a-42010aa4000b
File name:4700000.corrupt_dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_sality_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.sality.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.