YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash a2a40988e68d5e0b41cc7552c30258801550f4e4780201fe3d9301257e7b049b.

Scan Results


SHA256 hash: a2a40988e68d5e0b41cc7552c30258801550f4e4780201fe3d9301257e7b049b
File size: 811'008 bytes
MIME type: application/x-dosexec
MD5 hash: edea5a65830af9f341148f8e85c0a5c8
SHA1 hash: 118ea03c80f4ca4886cbbc5d891a61272fc49192
SHA3-384 hash: 7d19f1a647a519aef87f53e2c2ae1113a02282969a7c156c7023234f5fa43361ef3d41e38db0671304c2f2b3d6b5ed71
First seen: 2023-01-25 09:31:22 UTC
Last seen: Never
Sightings: 1
imphash: n/a
ssdeep: 12288:mMfk/wuhfLDv86tzxRkc+H27vmK+LcK74wyhu1lPY+pPD21wM3zY9pjTvadFJp5f:D8YupLDv8zc+H2lW0LXX
TLSH: T12205F7983210B6EFD89B897ACEA45C20E76074AB470BD207659723ED9D0D6E7CF141E3
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: 0827e523-9c93-11ed-98c2-42010aa4000b
File name: f10000.c03ebee0827d9f75cd63702576d4a51f.exe
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: PUA.Win.Packed.ConfuserEx-6391397-0
Signature: Win.Packed.Zusy-9956642-0

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: INDICATOR_EXE_Packed_ConfuserEx
Author: ditekSHen
Description: Detects executables packed with ConfuserEx Mod
TLP: TLP:WHITE
Repository: ditekshen

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.