YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash bfd46f347a7cd01d1ac191cd8f6a9b85164428fed7a57f244c6e7ed7fb8d4449.

Scan Results


SHA256 hash: bfd46f347a7cd01d1ac191cd8f6a9b85164428fed7a57f244c6e7ed7fb8d4449
File size: 17'363'264 bytes
MIME type: application/x-dosexec
MD5 hash: 84eee462528c95cec67989976510228e
SHA1 hash: e78195fff43a9e58063986254b4590b428d4800c
SHA3-384 hash: e6e18fb42346d2501ebebdbf0e0d123f03b9d47d50ac19aa703bfa63ccb6314d22b13d03f5ed99d901eaac4aa534835b
First seen: 2022-11-24 19:43:35 UTC
Last seen: Never
Sightings: 1
imphash: d7c95a674b75c92353ecdeea633a58bd
ssdeep: 6144:8UDaPyVGjkswB9zLbuEsSE/2VsgBus/K+7N+JV:8gaP9jksK9juEHf7NOV
TLSH: T107077D55E291C439D0E351F82A67C67BAD5C7EF05234A083B3C49F27A9702F2FB52A52
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: 492b5d56-6c30-11ed-a71a-42010aa4000b
File name: 4390000.exe
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: INDICATOR_EXE_Packed_SimplePolyEngine
Author: ditekSHen
Description: Detects executables packed with Sality Polymorphic Code Generator or Simple Poly Engine or Sality
TLP: TLP:WHITE
Repository: ditekshen

Rule name: classified
Author: classified
Description: classified
TLP: TLP:GREEN

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.