YARAify Scan Results
You are viewing the YARAify database entry for the file with the SHA256 hash a2a40988e68d5e0b41cc7552c30258801550f4e4780201fe3d9301257e7b049b.
Scan Results
| SHA256 hash: | a2a40988e68d5e0b41cc7552c30258801550f4e4780201fe3d9301257e7b049b | |
|---|---|---|
| File size: | 811'008 bytes | |
| File download: | Original | |
| MIME type: | application/x-dosexec | |
| MD5 hash: | edea5a65830af9f341148f8e85c0a5c8 | |
| SHA1 hash: | 118ea03c80f4ca4886cbbc5d891a61272fc49192 | |
| SHA3-384 hash: | 7d19f1a647a519aef87f53e2c2ae1113a02282969a7c156c7023234f5fa43361ef3d41e38db0671304c2f2b3d6b5ed71 | |
| First seen: | 2023-01-25 09:31:22 UTC | |
| Last seen: | Never | |
| Sightings: | 1 | |
| imphash : | n/a | |
| ssdeep : | 12288:mMfk/wuhfLDv86tzxRkc+H27vmK+LcK74wyhu1lPY+pPD21wM3zY9pjTvadFJp5f:D8YupLDv8zc+H2lW0LXX | |
| TLSH : | T12205F7983210B6EFD89B897ACEA45C20E76074AB470BD207659723ED9D0D6E7CF141E3 | |
| telfhash : | n/a | |
| gimphash : | n/a | |
| dhash icon : | n/a | |
Tasks
You can browse the 10 most recent tasks associated with this file blow.
Task Information
| Task ID: | 0827e523-9c93-11ed-98c2-42010aa4000b | |
|---|---|---|
| File name: | f10000.c03ebee0827d9f75cd63702576d4a51f.exe | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | False | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
| Signature: | PUA.Win.Packed.ConfuserEx-6391397-0 |
|---|
| Signature: | Win.Packed.Zusy-9956642-0 |
|---|
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | INDICATOR_EXE_Packed_ConfuserEx |
|---|---|
| Author: | ditekSHen |
| Description: | Detects executables packed with ConfuserEx Mod |
| TLP: | TLP:WHITE |
| Repository: | ditekshen |
Unpacker
The following YARA rules matched on the unpacked file.
Disabled by submitter
Unpacked Files
The following files could be unpacked from this sample.
Disabled by submitter