YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash cacf492fb01dd445f25826537ef477d62df0198793fa6d2db3d4afb0295175ae.

Scan Results


SHA256 hash: cacf492fb01dd445f25826537ef477d62df0198793fa6d2db3d4afb0295175ae
File size:2'736'128 bytes
File download: Original
MIME type:application/octet-stream
MD5 hash: f17e98e16a23b11a45f23e67347a2085
SHA1 hash: fb10473772f53ff07e78ba8cafc3bf75d0fce648
SHA3-384 hash: ad5dccf6e0fa1197954f6e85d59e08919d7ce7832091a337ac57944209fd334b7fcd9d037b8bca7d729b7fa80fc5f671
First seen:2022-11-24 19:51:58 UTC
Last seen:Never
Sightings:1
imphash :n/a
ssdeep : 6144:Eq6qeC89XR7BKB97RgtPzoT+JYVj1kZQMBtjrJjO6138PrhN:WCCpBKB97RgtPzoT+6j1WOhN
TLSH : T15FC54155CC41859EC5764AF1CCFA8974733320CB720A0F0657DEA621FDA224E6BD1AFA
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks


You can browse the 10 most recent tasks associated with this file blow.

Task Information


Task ID:74c2b7b9-6c31-11ed-a71a-42010aa4000b
File name:14830000.shc
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:RAT_njRat
Author:Kevin Breen <kevin@techanarchy.net>
Description:Detects njRAT
Reference:http://malwareconfig.com/stats/njRat
TLP:TLP:WHITE
Repository:Neo23x0
Rule name:classified
Author:classified
TLP :TLP:GREEN
Rule name:win_njrat_w1
Author:Brian Wallace @botnet_hunter <bwall@ballastsecurity.net>
Description:Identify njRat
TLP:TLP:WHITE
Repository:malpedia
Rule name:Windows_Trojan_Njrat_30f3c220
Author:Elastic Security
TLP:TLP:WHITE
Repository:elastic

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.