YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 92aa9e3d748e29e00c65edeb1f1e433c03296b3582992a133805d432e8313d05.

SHA256 hash:	92aa9e3d748e29e00c65edeb1f1e433c03296b3582992a133805d432e8313d05
File size:	1'589'456 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	c2e98f46d9221564dd675a5fcf8def6a
SHA1 hash:	0b168779c5ba83cba94a8b04283f3722b4e997d1
SHA3-384 hash:	b0e3d6b304dfa2590c823d257810d2ec9e9be5ed252df955e68b3e05c25a70086e932ccfa14828023a078c4afa94a3dd
First seen:	2022-11-24 19:55:03 UTC
Last seen:	Never
Sightings:	1
imphash :	d1c5c480eab67a720f3427060f2d4f58 Create hunting rule
ssdeep :	24576:5a29sUHx0jilsdYBCbuooK0+lbXLOTYI1lOq6sb8hTHA80/WY6C:3sG0GWWinoK0+RXLOTYi6skHX0OY6C
TLSH :	T1E275AE1273AE8225FE6E91327D956301EE7AAC602530FC772EA42D3969232701F1D75F Create hunting rule
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

Signature:	Win.Downloader.Razy-9845544-0 Create hunting rule

The following YARA rules matched on the file (static analysis).

Rule name:	AutoIT_Compiled Create hunting rule
Author:	@bartblaze
Description:	Identifies compiled AutoIT script (as EXE).
TLP:	TLP:WHITE
Repository:	bartblaze

Rule name:	BitcoinAddress Create hunting rule
Author:	Didier Stevens (@DidierStevens)
Description:	Contains a valid Bitcoin address
TLP:	TLP:WHITE
Repository:	MalwareBazaar

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2022-11-24 19:55:03 UTC Static: 2 Unpacker: 0 ClamAV: 1