YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash dbaaeb9b76039d180ef5ee28cb1f94ba8638f761ad63524aaa1c11d8952b6d9e.

SHA256 hash:	dbaaeb9b76039d180ef5ee28cb1f94ba8638f761ad63524aaa1c11d8952b6d9e
File size:	577'536 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	1729e832d1739e348d610747a3ce6655
SHA1 hash:	988328dea91f3a30ca6aacc8c0419ece91a22df2
SHA3-384 hash:	db8f447174f7c2b55274b549a8a483fbca2a931c2fc645a96c824c297bc53e3a0d8b57919dcb322b50e0a94c6f81ddd5
First seen:	2026-04-12 17:05:46 UTC
Last seen:	Never
Sightings:	1
imphash :	f34d5f2d4577ed6d9ceec516c1f5a744 Create hunting rule
ssdeep :	6144:mAuW8Iio4wo+aLurwUJ+nHxeBi8eDVeBi8eDSeC+DeeAeBi8eDrpq:aIigo+qw
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	Detect_PowerShell_Obfuscation Create hunting rule
Author:	daniyyell
Description:	Detects obfuscated PowerShell commands commonly used in malicious scripts.
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	NETexecutableMicrosoft Create hunting rule
Author:	malware-lu
TLP:	TLP:WHITE
Repository:

Rule name:	PE_Digital_Certificate Create hunting rule
Author:	albertzsigovits
TLP:	TLP:WHITE
Repository:

Rule name:	pe_imphash Create hunting rule
TLP:	TLP:WHITE
Repository:	MalwareBazaar

Rule name:	Skystars_Malware_Imphash Create hunting rule
Author:	Skystars LightDefender
Description:	imphash
TLP:	TLP:WHITE
Repository:	MalwareBazaar

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-04-12 17:05:47 UTC Static: 6 Unpacker: 0 ClamAV: 0