YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash d921651414f6afa58f065c8db97910b7c8eb0b9f2ba0528cd0bd43e1e9a43281.

Scan Results


SHA256 hash: d921651414f6afa58f065c8db97910b7c8eb0b9f2ba0528cd0bd43e1e9a43281
File size: 81'920 bytes
MIME type: application/x-dosexec
MD5 hash: 86ff5bd4fe87d213c78e53808d123ac3
SHA1 hash: dbe518e812c90b2b3b74ad646cd374dfe9ba08ce
SHA3-384 hash: 4a774c6879c9b022514ea2c8c9b22bde8a58767aaec496a0e805ad63fc2670ebab2c860c86e19c105896238aa2fe8ce8
First seen: 2026-03-03 00:14:38 UTC
Last seen: Never
Sightings: 1
imphash: 0bcb9a0c9b5eaeeed27967df3a36d762
ssdeep: 1536:6BycCc8Qg1ZvPEZ56v12eSxlX9qNlmDWhX4eUz9Uw:6ByG56v1CxlX9qNlmWhjUOw
TLSH: n/a
telfhash: n/a
gimphash: n/a
dhash icon: dc98c8c8982ce494

Tasks


There is 1 task on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID: f7b417e4-1695-11f1-b47f-42010aa4000b
File name: 400000.murzuja.exe
Task parameters:
ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: DebuggerCheck__API
Reference: https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
TLP: TLP:WHITE

Rule name: FreddyBearDropper
Author: Dwarozh Hoshiar
Description: Freddy Bear Dropper is dropping a malware through base63 encoded powershell scrip.
TLP: TLP:WHITE
Repository: YARAify

Rule name: golang_bin_JCorn_CSC846
Author: Justin Cornwell
Description: CSC-846 Golang detection ruleset
TLP: TLP:WHITE
Repository: YARAify

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.