YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash bc151b317a26adc7573e4731b455f95a9236af5da24e2653f66c214cf5009130.

SHA256 hash:	bc151b317a26adc7573e4731b455f95a9236af5da24e2653f66c214cf5009130
File size:	4'136'704 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	0f09490615bc029f9179e9e30da4f564
SHA1 hash:	6f8eafa7f9c9ad68898ccf1d25cdae29a848d2f8
SHA3-384 hash:	7f2accbccd423da88b83832b227abd43d3e33d2564e070cc7b3b9a5ae6f3f75c2518e7f82528cf42ce5c77fc42f34034
First seen:	2026-04-01 16:54:11 UTC
Last seen:	Never
Sightings:	1
imphash :	48e7a8c3fc10868226c74e6159ae0fbe Create hunting rule
ssdeep :	98304:EybME//xp+Ki0eGd1UY849R4RdrQ74Y9cYF2Rr+:Eybz+Kfd2496boOy
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	ceae1586868eae00 Create hunting rule

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	DebuggerCheck__API Create hunting rule
Reference:	https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP:	TLP:WHITE

Rule name:	golang_bin_JCorn_CSC846 Create hunting rule
Author:	Justin Cornwell
Description:	CSC-846 Golang detection ruleset
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	pe_detect_tls_callbacks Create hunting rule
Author:
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	TH_AntiVM_MassHunt_Win_Malware_2026_CYFARE Create hunting rule
Author:	CYFARE
Description:	Detects Windows malware employing anti-VM / anti-sandbox evasion techniques across VMware, VirtualBox, Hyper-V, QEMU, Xen, and generic sandbox environments
Reference:	https://cyfare.net/
TLP:	TLP:WHITE
Repository:	YARAify

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-04-01 16:54:11 UTC Static: 4 Unpacker: 0 ClamAV: 0