YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash d4ce6164ec7edbe64485a19b24930edb814031a2a1b2e33e1c4b31defd0aaa10.

Scan Results

SHA256 hash: d4ce6164ec7edbe64485a19b24930edb814031a2a1b2e33e1c4b31defd0aaa10
File size:515'584 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: ddc24db16e4ec31217f7f6fc0da669b3
SHA1 hash: b0d49f96c37088139aa0844322539c47a2d3cc90
SHA3-384 hash: 7025d8cd8fd9390c1a3067aee2b399fd0ed1adccd056479f560d72d82cac69dd1448176c79715c0e4aaaf618d435fc1f
First seen:2026-01-21 16:46:32 UTC
Last seen:Never
Sightings:1
imphash : dae02f32a21e03ce65412f6e56942daa
Create hunting rule
ssdeep : 12288:0wkuHH6PcatESGKf1+KR81DSFhGvn0yu4+3bMstRzLitJnLWxlGAvzuIIiuDfU:0ruHH6PcatESGKf1+KR81DSFhGvntu4k
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:bdd5021e-f6e8-11f0-9df4-42010aa4000b
File name:ddc24db16e4ec31217f7f6fc0da669b3
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:extracted_at_0x44b
Create hunting rule
Author:cb
Description:sample - file extracted_at_0x44b.exe
Reference:Internal Research
TLP:TLP:WHITE
Repository:MalwareBazaar
Rule name:NETDLLMicrosoft
Create hunting rule
Author:malware-lu
TLP:TLP:WHITE
Repository:
Rule name:xtreme_rat
Create hunting rule
Author:Kevin Falcoz
Description:Xtreme RAT
TLP:TLP:WHITE

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.