YARAify Scan Results
You are viewing the YARAify database entry for the file with the SHA256 hash b68de150b2ac4d6ca6bb83eaa5cf4f65600dabc3d4745d88444e4708d60554db.
Scan Results
| SHA256 hash: | b68de150b2ac4d6ca6bb83eaa5cf4f65600dabc3d4745d88444e4708d60554db | |
|---|---|---|
| File size: | 2'088'700 bytes | |
| File download: | Original | |
| MIME type: | application/x-executable | |
| MD5 hash: | 65884f3f0f27045208939d4fc3df595c | |
| SHA1 hash: | 01ab7b8c76dbfb65c7b462e9c83a5b2756e951e0 | |
| SHA3-384 hash: | fe52c534b526efc8b271ba1f4c2bcafbd59c5babf7b57c197a15d3e4b4ee7d2b308817b8cb27ffd23f206c7fa348acb9 | |
| First seen: | 2026-04-02 03:52:02 UTC | |
| Last seen: | 2026-04-02 04:00:25 UTC | |
| Sightings: | 5 | |
| imphash : | n/a | |
| ssdeep : | 49152:KJ2p7rV3i3afuU76EDp3qNZf76BVWaVx77qArMhK:ie3iOmaSj6BNv7lrM8 | |
| TLSH : | n/a | |
| telfhash : | n/a | |
| gimphash : | n/a | |
| dhash icon : | n/a | |
Tasks
There are 5 tasks on YARAify for this particular file. The 10 most recent ones are shown below.
Task Information
| Task ID: | 7aab9b12-2e48-11f1-b47f-42010aa4000b | |
|---|---|---|
| File name: | b68de150b2ac4d6ca6bb83eaa5cf4f65600dabc3d4745d88444e4708d60554db.elf | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | False | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | SHA512_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for SHA384/SHA512 constants |
| TLP: | TLP:WHITE |
| Repository: |
| Rule name: | TH_Generic_MassHunt_Linux_Malware_2026_CYFARE |
|---|---|
| Author: | CYFARE |
| Description: | Generic Linux malware mass-hunt rule - 2026 |
| Reference: | https://cyfare.net/ |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | upx_packed_elf_v1 |
|---|---|
| Author: | RandomMalware |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | WHIRLPOOL_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for WhirlPool constants |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | b9cca468-2e47-11f1-b47f-42010aa4000b | |
|---|---|---|
| File name: | wlan.mips | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | True | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | SHA512_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for SHA384/SHA512 constants |
| TLP: | TLP:WHITE |
| Repository: |
| Rule name: | TH_Generic_MassHunt_Linux_Malware_2026_CYFARE |
|---|---|
| Author: | CYFARE |
| Description: | Generic Linux malware mass-hunt rule - 2026 |
| Reference: | https://cyfare.net/ |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | upx_packed_elf_v1 |
|---|---|
| Author: | RandomMalware |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | WHIRLPOOL_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for WhirlPool constants |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | 96949b13-2e47-11f1-b47f-42010aa4000b | |
|---|---|---|
| File name: | wlan.mips | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | True | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | SHA512_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for SHA384/SHA512 constants |
| TLP: | TLP:WHITE |
| Repository: |
| Rule name: | TH_Generic_MassHunt_Linux_Malware_2026_CYFARE |
|---|---|
| Author: | CYFARE |
| Description: | Generic Linux malware mass-hunt rule - 2026 |
| Reference: | https://cyfare.net/ |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | upx_packed_elf_v1 |
|---|---|
| Author: | RandomMalware |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | WHIRLPOOL_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for WhirlPool constants |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | 72a4bf6c-2e47-11f1-b47f-42010aa4000b | |
|---|---|---|
| File name: | wlan.mips | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | True | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | SHA512_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for SHA384/SHA512 constants |
| TLP: | TLP:WHITE |
| Repository: |
| Rule name: | TH_Generic_MassHunt_Linux_Malware_2026_CYFARE |
|---|---|
| Author: | CYFARE |
| Description: | Generic Linux malware mass-hunt rule - 2026 |
| Reference: | https://cyfare.net/ |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | upx_packed_elf_v1 |
|---|---|
| Author: | RandomMalware |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | WHIRLPOOL_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for WhirlPool constants |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.
Task Information
| Task ID: | 4f2432a0-2e47-11f1-b47f-42010aa4000b | |
|---|---|---|
| File name: | wlan.mips | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | True | |
| Share file: | True | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | SHA512_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for SHA384/SHA512 constants |
| TLP: | TLP:WHITE |
| Repository: |
| Rule name: | TH_Generic_MassHunt_Linux_Malware_2026_CYFARE |
|---|---|
| Author: | CYFARE |
| Description: | Generic Linux malware mass-hunt rule - 2026 |
| Reference: | https://cyfare.net/ |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | upx_packed_elf_v1 |
|---|---|
| Author: | RandomMalware |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | WHIRLPOOL_Constants |
|---|---|
| Author: | phoul (@phoul) |
| Description: | Look for WhirlPool constants |
| TLP: | TLP:WHITE |
| Repository: |
Unpacker
The following YARA rules matched on the unpacked file.
Unpacked Files
The following files could be unpacked from this sample.