YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash cc4cc9e23d1cd4063c4f7b98f4b7685db2e95dde455877451df20cb5ca9bd8d1.

SHA256 hash:	cc4cc9e23d1cd4063c4f7b98f4b7685db2e95dde455877451df20cb5ca9bd8d1
File size:	53'200 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	9209733aec842f4f139670e10fa83e2c
SHA1 hash:	a8f9467e72db3051fb04548969f65728116ba13e
SHA3-384 hash:	77015cc5e370487c4875aa57f176828768dce0c7f77999cb7be2b61aa5e91c3311107349c95cb8cf7328c4908e4da43e
First seen:	2026-04-27 20:58:02 UTC
Last seen:	Never
Sightings:	1
imphash :	3d76acaa0ea7f33b32e74149aa1f8848 Create hunting rule
ssdeep :	384:quq+ZW/ES7E7aXltrV7xnIBTf6biPa0r5K0P38XDYXfTNHdPV/6IZ+PJA2UvXXuI:qOrUAYlBuTf6bKa0E/MXhyk+UX4KF
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	pe_detect_tls_callbacks Create hunting rule
Author:
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	VECT_Ransomware Create hunting rule
Author:	Mustafa Bakhit
Description:	Detects activity associated with VECT ransomware. This includes registry modifications and deletions, execution of system and defense-evasion commands, suspicious API usage, mutex creation, file and memory manipulation, ransomware note generation, anti-debugging and anti-analysis techniques, and embedded cryptographic constants (SHA256) characteristic of this malware family. Designed for threat intelligence and malware detection environments.
TLP:	TLP:WHITE
Repository:	YARAify

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-04-27 20:58:02 UTC Static: 2 Unpacker: 0 ClamAV: 0