YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash d2e6a99d6860e0f899455bd68a15c9fcf822a8a33c7166328d59e2d4c079554a.

Scan Results


SHA256 hash: d2e6a99d6860e0f899455bd68a15c9fcf822a8a33c7166328d59e2d4c079554a
File size: 15'052'200 bytes
MIME type: application/x-dosexec
MD5 hash: 2173f0e0abacf389493e8f3dd248c9a1
SHA1 hash: 91f140721812b3ca526cdbfb967a6290da7791c7
SHA3-384 hash: b4b46908b175876f1f8725059b3b1c1fd73b7994e16f38cdabc5036c7fd12b4b150c6addc5236976c3a9e579d7058d77
First seen: 2026-04-02 15:54:37 UTC
Last seen: Never
Sightings: 1
imphash: a413ffcb413e398d1f798a0daa527855
ssdeep: 196608:DTjYROtAQ3VC9RK8vR2e60W8UAOUurHm/uhHToAUPNfGU5vXvLu2TuG9XLEIdI7d:3mOtk9LtW8nuCmhHTodRGkXT9v9X1gA
TLSH: n/a
telfhash: n/a
gimphash: n/a
dhash icon: 1113c9f0f425ad8c

Tasks


There is 1 task on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID: 40c16f51-2eac-11f1-b47f-42010aa4000b
File name: 2173f0e0abacf389493e8f3dd248c9a1
Task parameters:
ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: INDICATOR_EXE_Packed_Themida
Author: ditekSHen
Description: Detects executables packed with Themida
TLP: TLP:WHITE
Repository: diˈtekSHən

Rule name: upxHook
Author: @r3dbU7z
Description: Detect artifacts from 'upxHook' - modification of UPX packer
Reference: https://bazaar.abuse.ch/sample/6352be8aa5d8063673aa428c3807228c40505004320232a23d99ebd9ef48478a/
TLP: TLP:WHITE
Repository: MalwareBazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.