YARAify Scan Results
You are viewing the YARAify database entry for the file with the SHA256 hash 9b558732f8ee97f61bf01ab09e02c9e6e062efdc86da5783db3847497f5dd187.
Scan Results
| SHA256 hash: | 9b558732f8ee97f61bf01ab09e02c9e6e062efdc86da5783db3847497f5dd187 | |
|---|---|---|
| File size: | 8'192 bytes | |
| File download: | Original | |
| MIME type: | application/octet-stream | |
| MD5 hash: | 5124301f9aca7f6d1c253431d41bd39c | |
| SHA1 hash: | 297e39755dce60d292633c93026f6d0705bf0164 | |
| SHA3-384 hash: | e6da69391c1dd3d4e7299daaf6f9be39c9e4ae42bd3915fd02ad3b928517be7f4f998a803c13646d282825bf1ce15edf | |
| First seen: | 2022-11-24 19:43:34 UTC | |
| Last seen: | 2022-11-24 19:43:36 UTC | |
| Sightings: | 2 | |
| imphash : | n/a | |
| ssdeep : | 96:ZYzofLhNRaX6WfGSpQcggdxlZim7LnBVJlXlggDMUKWbizc5+g9NSAvSA:ZYoTlaXJfGSHgeeGTGzc5fmAqA | |
| TLSH : | T1E1F1C78605527381DAF221B0944787DEE0BBCBFB01046B3FF74861716FB32A79D69A44 | |
| telfhash : | n/a | |
| gimphash : | n/a | |
| dhash icon : | n/a | |
Tasks
There are 2 tasks on YARAify for this particular file. The 10 most recent ones are shown below.
Task Information
| Task ID: | 49372f42-6c30-11ed-a71a-42010aa4000b | |
|---|---|---|
| File name: | 1f0000.shc | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | False | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
No matches
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | win_sality_auto |
|---|---|
| Author: | Felix Bilstein - yara-signator at cocacoding dot com |
| Description: | Detects win.sality. |
| TLP: | TLP:WHITE |
| Repository: | Malpedia |
Unpacker
The following YARA rules matched on the unpacked file.
Disabled by submitter
Unpacked Files
The following files could be unpacked from this sample.
Disabled by submitter
Task Information
| Task ID: | 482121e6-6c30-11ed-a71a-42010aa4000b | |
|---|---|---|
| File name: | 1f0000.corrupt_dll | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | False | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
No matches
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | win_sality_auto |
|---|---|
| Author: | Felix Bilstein - yara-signator at cocacoding dot com |
| Description: | Detects win.sality. |
| TLP: | TLP:WHITE |
| Repository: | Malpedia |
Unpacker
The following YARA rules matched on the unpacked file.
Disabled by submitter
Unpacked Files
The following files could be unpacked from this sample.
Disabled by submitter