YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 84008a1b06a3eb9e1af6422de3e8d143521165bd5a199955f71533e4ee6b368f.

Scan Results

SHA256 hash:	84008a1b06a3eb9e1af6422de3e8d143521165bd5a199955f71533e4ee6b368f
File size:	2'178'527 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	23d9c2a945427f2a7da2bb19256b3ade
SHA1 hash:	809385d2658162f88f06c18da892984bab29f118
SHA3-384 hash:	018060c78d12e33f1b216f18422b298db85de2db2b460ed78ffda8550f71885f8bf4490a17ddfe96b8ccbf6780838840
First seen:	2026-03-29 17:19:35 UTC
Last seen:	Never
Sightings:	1
imphash :	4c8f20ddfefa86c4ee0d8125cb43c575 Create hunting rule
ssdeep :	24576:MLjYx/B5ewYsKUnNzO0LdXewKNnpwT9+MLJN/HEp6uuMHQy5Sk2Tc+lPYRK:eEBQCKMN7pXRKNnpw7Ep6692Tb
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	30c68a8c88cac420 Create hunting rule

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:	759f58c7-2b93-11f1-b47f-42010aa4000b
File name:	23d9c2a945427f2a7da2bb19256b3ade
Task parameters:	ClamAV scan:	True
	Unpack:	False
	Share file:	True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

Signature:	PUA.Win.Packer.Aspack-29 Create hunting rule

Signature:	PUA.Win.Packer.Aspack-30 Create hunting rule

Signature:	SecuriteInfo.com.W64.Ipamor.AA.gen.Eldorado.UNOFFICIAL Create hunting rule

Signature:	Win.Dropper.Ipamor-9886396-0 Create hunting rule

Signature:	Win.Dropper.Vindor-9885715-0 Create hunting rule

Signature:	Win.Dropper.Vindor-9886339-0 Create hunting rule

Signature:	Win.Malware.Bulz-9885565-0 Create hunting rule

Signature:	Win.Malware.Cerbu-9888703-0 Create hunting rule

Signature:	Win.Malware.Dqan-9885474-0 Create hunting rule

Signature:	Win.Malware.Dqan-9886402-0 Create hunting rule

Signature:	Win.Malware.Generic-9886878-0 Create hunting rule

Signature:	Win.Malware.Ursu-9936749-0 Create hunting rule

Signature:	Win.Packed.Pidgeon-9909600-0 Create hunting rule

Signature:	Win.Ransomware.Azvo-9978000-0 Create hunting rule

Signature:	Win.Trojan.Disbi-1 Create hunting rule

Signature:	Win.Trojan.Generic-9909443-0 Create hunting rule

Signature:	Win.Trojan.Generic-9909714-0 Create hunting rule

Signature:	Win.Trojan.Generic-9930240-0 Create hunting rule

Signature:	Win.Trojan.Generic-9944113-0 Create hunting rule

Signature:	Win.Trojan.Generic-9950561-0 Create hunting rule

Signature:	Win.Trojan.Ulise-9878240-0 Create hunting rule

Signature:	Win.Trojan.Ulise-9880529-0 Create hunting rule

Signature:	Win.Worm.Pajetbin-6726648-0 Create hunting rule

Signature:	Win.Worm.Vindor-9886047-0 Create hunting rule

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:	Check_OutputDebugStringA_iat Create hunting rule
TLP:	TLP:WHITE
Repository:

Rule name:	DebuggerCheck__API Create hunting rule
Reference:	https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP:	TLP:WHITE

Rule name:	golang_bin_JCorn_CSC846 Create hunting rule
Author:	Justin Cornwell
Description:	CSC-846 Golang detection ruleset
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	classified
Author:	classified
Description:	classified
Reference:	classified
TLP :	TLP:AMBER

Rule name:	NET Create hunting rule
Author:	malware-lu
TLP:	TLP:WHITE
Repository:

Rule name:	NETexecutableMicrosoft Create hunting rule
Author:	malware-lu
TLP:	TLP:WHITE
Repository:

Rule name:	pe_detect_tls_callbacks Create hunting rule
Author:
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	PE_Digital_Certificate Create hunting rule
Author:	albertzsigovits
TLP:	TLP:WHITE
Repository:

Rule name:	SEH__vba Create hunting rule
Reference:	https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP:	TLP:WHITE

Rule name:	telebot_framework Create hunting rule
Author:	vietdx.mb
TLP:	TLP:WHITE
Repository:	YARAify

Unpacker

The following YARA rules matched on the unpacked file.

Disabled by submitter

Unpacked Files

The following files could be unpacked from this sample.