YARAify Scan Results
You are viewing the YARAify database entry for the file with the SHA256 hash 9e383eb4eb99b76f00ab9012ed640da0445779d9a69feee95f0044d099e4353a.
Scan Results
| SHA256 hash: | 9e383eb4eb99b76f00ab9012ed640da0445779d9a69feee95f0044d099e4353a | |
|---|---|---|
| File size: | 2'062'240 bytes | |
| MIME type: | application/x-dosexec | |
| MD5 hash: | 80f5bc267e7d9151ca87e84c3c2aba30 | |
| SHA1 hash: | 70b1be9905e9906d64bc89b6fcf2ca8b0eddfe2e | |
| SHA3-384 hash: | 56498fc06e5df1471d934a960d3a82e43a91ac3a8eb8df5addd21a0538b0c0429c665325ba8c040d2eae2a8c2d31a4f1 | |
| First seen: | 2025-11-21 02:45:29 UTC | |
| Last seen: | 2025-11-21 02:50:02 UTC | |
| Sightings: | 6 | |
| imphash : | 4cea7ae85c87ddc7295d39ff9cda31d1 | |
| ssdeep : | 49152:+gtOlxElKn3L1xDjBWKFpUuTgVeUE+FY+j/4QXxYt3tcJ+:KxElKn71Fj8KFptgSO/4+xYhtc | |
| TLSH : | n/a | |
| telfhash : | n/a | |
| gimphash : | n/a | |
| dhash icon : | 06a2131b031f9000 | |
Tasks
There are 6 tasks on YARAify for this particular file. The 10 most recent ones are shown below.
Task Information
| Task ID: | c71108a1-c684-11f0-adeb-42010aa4000b | |
|---|---|---|
| File name: | gbJgfsF.exe | |
| Task parameters: | ClamAV scan: | True |
| | Unpack: | True |
| | Share file: | True |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | detect_Redline_Stealer |
|---|---|
| Author: | Varp0s |
| TLP: | TLP:WHITE |
| Repository: | YARAify |

| Rule name: | PE_Digital_Certificate |
|---|---|
| Author: | albertzsigovits |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | a3368f84-c684-11f0-adeb-42010aa4000b | |
|---|---|---|
| File name: | gbJgfsF.exe | |
| Task parameters: | ClamAV scan: | True |
| | Unpack: | True |
| | Share file: | True |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | detect_Redline_Stealer |
|---|---|
| Author: | Varp0s |
| TLP: | TLP:WHITE |
| Repository: | YARAify |

| Rule name: | PE_Digital_Certificate |
|---|---|
| Author: | albertzsigovits |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | 7f5a28aa-c684-11f0-adeb-42010aa4000b | |
|---|---|---|
| File name: | gbJgfsF.exe | |
| Task parameters: | ClamAV scan: | True |
| | Unpack: | True |
| | Share file: | True |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | detect_Redline_Stealer |
|---|---|
| Author: | Varp0s |
| TLP: | TLP:WHITE |
| Repository: | YARAify |

| Rule name: | PE_Digital_Certificate |
|---|---|
| Author: | albertzsigovits |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | 5b29d39f-c684-11f0-adeb-42010aa4000b | |
|---|---|---|
| File name: | gbJgfsF.exe | |
| Task parameters: | ClamAV scan: | True |
| | Unpack: | True |
| | Share file: | True |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | detect_Redline_Stealer |
|---|---|
| Author: | Varp0s |
| TLP: | TLP:WHITE |
| Repository: | YARAify |

| Rule name: | PE_Digital_Certificate |
|---|---|
| Author: | albertzsigovits |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | 28b0495c-c684-11f0-adeb-42010aa4000b | |
|---|---|---|
| File name: | 80f5bc267e7d9151ca87e84c3c2aba30 | |
| Task parameters: | ClamAV scan: | True |
| | Unpack: | False |
| | Share file: | True |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | detect_Redline_Stealer |
|---|---|
| Author: | Varp0s |
| TLP: | TLP:WHITE |
| Repository: | YARAify |

| Rule name: | PE_Digital_Certificate |
|---|---|
| Author: | albertzsigovits |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | 24992ecf-c684-11f0-adeb-42010aa4000b | |
|---|---|---|
| File name: | 9e383eb4eb99b76f00ab9012ed640da0445779d9a69feee95f0044d099e4353a.exe | |
| Task parameters: | ClamAV scan: | True |
| | Unpack: | False |
| | Share file: | True |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | detect_Redline_Stealer |
|---|---|
| Author: | Varp0s |
| TLP: | TLP:WHITE |
| Repository: | YARAify |

| Rule name: | PE_Digital_Certificate |
|---|---|
| Author: | albertzsigovits |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.