YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash c04d75fdcd83aebe4a37d2587bc32b5e77f87688ff03e5001039845d3d07b226.

Scan Results


SHA256 hash: c04d75fdcd83aebe4a37d2587bc32b5e77f87688ff03e5001039845d3d07b226
File size: 10'411'474 bytes
MIME type: application/x-dosexec
MD5 hash: 9a801b1d93d8857609f7e13de14dc6fc
SHA1 hash: 40e01f7088d3a01dc534c5b5c53e5c3547e4bee8
SHA3-384 hash: 225161682389d95eb7a5c1e04061247b7f69482919e3d272ce595e57721ec08daf69f0eac2d1f72efd05e2a3049d72c1
First seen: 2023-01-25 09:38:52 UTC
Last seen: Never
Sightings: 1
imphash: dbdf168f8fac09b1b80052fb08232653
ssdeep: 98304:Ro6fPKNyv6LBDFYWjv4p4nhJuRgIDH2oIAxOT90wvl/EDCP8lR9J:RLPEy6LBmC4p4hJuRBDH2FCOTlG
TLSH: T175A66B8DA7F48AE4D167C274C59686B3FAB0B8458D345B1B1190D71E3F33EE2AA1E710
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: 14064bf7-9c94-11ed-98c2-42010aa4000b
File name: 7ffbbe6d0000.clr.dll
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: win_xfilesstealer_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: Detects win.xfilesstealer.
TLP: TLP:WHITE
Repository: malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.