YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash cd748d7d5a9ba44ededbb7ed4250090e56fabdd1d0f98c9ff044cd0c8563ef62.

Scan Results


SHA256 hash: cd748d7d5a9ba44ededbb7ed4250090e56fabdd1d0f98c9ff044cd0c8563ef62
File size: 10'410'727 bytes
MIME type: application/x-dosexec
MD5 hash: d760e2773abeaabb64901478b3331515
SHA1 hash: ba5e8593e055a742a110e777e61d6d1d32a5ec77
SHA3-384 hash: 22d116f42a0e1a65bd8e6da2bdae33b417ada907ec098b20c92a512c488df03445993bc061f59fccfe0a1571248ecc9d
First seen: 2022-11-24 19:39:17 UTC
Last seen: Never
Sightings: 1
imphash: cceac8a3696943f9f68f0d0f4f87986c
ssdeep: 98304:ro6fPKNyv6LBDFYWjv4p4nhJuRgIDH2oIAxOT90wsEDCP83:rLPEy6LBmC4p4hJuRBDH2FCOTQ
TLSH: T16AA67B8DA7F486F0C167C2F6C59686B3EAB078858D34971B11D0D71E2F33EA29A1E711
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: af4af1bf-6c2f-11ed-a71a-42010aa4000b
File name: 7ffc851a0000.clr.dll
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: win_xfilesstealer_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: Detects win.xfilesstealer.
TLP: TLP:WHITE
Repository: malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.