YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash b6b40d59fcb7bc2b533fd42eec61a1296a39c9da2f9d45124bb8a58b56c09020.

Scan Results


SHA256 hash: b6b40d59fcb7bc2b533fd42eec61a1296a39c9da2f9d45124bb8a58b56c09020
File size: 236'995 bytes
MIME type: application/x-dosexec
MD5 hash: 003e6bb33cd1db3b9d68b0f4af495230
SHA1 hash: 0cbc1ca4c1e943da880d95ca4578d524d7f30959
SHA3-384 hash: 43d631bcef2fbaf0cc7d6663a8a570f5b7ac0838af471dae6d90229889c5c389e32df936cc8ae4c90ed9533a90c7aef7
First seen: 2025-11-21 02:54:34 UTC
Last seen: Never
Sightings: 1
imphash: 3e3d633779e35448851e7a9ca7e72522
ssdeep: 3072:CR4jdNqTqHLklZpb4RrRDwRQjZ3phRrbPq:MafcE1xph5
TLSH: n/a
telfhash: n/a
gimphash: n/a
dhash icon: 92a0ac9aaaea7a72

Tasks


There is 1 task on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID: 6934e6fd-c685-11f0-adeb-42010aa4000b
File name: 003e6bb33cd1db3b9d68b0f4af495230
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: Win.Malware.Cosmu-10013266-0
Signature: Win.Malware.Cosmu-10019841-0
Signature: Win.Malware.Jaik-10022565-0
Signature: Win.Worm.Cosmu-10018412-0
Signature: Win.Worm.Memscan-6888029-0

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: INDICATOR_EXE_Packed_MPress
Author: ditekSHen
Description: Detects executables built or packed with MPress PE compressor
TLP: TLP:WHITE
Repository: diˈtekSHən

Rule name: TeslaCryptPackedMalware
TLP: TLP:WHITE
Repository: MalwareBazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.