YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash ab16703356f7ee70f079482892158ce9976edd5e4e5efd3347b46ee570144299.

Scan Results


SHA256 hash: ab16703356f7ee70f079482892158ce9976edd5e4e5efd3347b46ee570144299
File size:10'409'827 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: 39d0c5072e24001bcdff163cba7b4268
SHA1 hash: 45b34b9208702f41c557137958524540ddb4630d
SHA3-384 hash: ad434b3d58f6cd8359cd4cdff2818d0dc1a2ccce9633589a8d7682ce016ceb5fceef0f6b6f3029f1d508b6c9214db22d
First seen:2022-11-24 19:55:12 UTC
Last seen:Never
Sightings:1
imphash : 5eb01f08fe593bdb6fddb54d7f62bdd5
ssdeep : 98304:go6fPKNyv6LBDFYWjv4p4nhJuRgIDH2oIAxOT90wbEDCP8F:gLPEy6LBmC4p4hJuRBDH2FCOTf
TLSH : T1E7A67B8EA7F486F0D567C270C59686B3FAB0B8458D74871B1190D75E2F33AE29A3E710
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks


You can browse the 10 most recent tasks associated with this file blow.

Task Information


Task ID:e85be464-6c31-11ed-a71a-42010aa4000b
File name:7ffb17f60000.clr.dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:win_xfilesstealer_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:Detects win.xfilesstealer.
TLP:TLP:WHITE
Repository:malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.