YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash dd7f4980bb2e1dcba7922c4bcc344294234f2606434e827653d0f303f33b8947.

Scan Results


SHA256 hash: dd7f4980bb2e1dcba7922c4bcc344294234f2606434e827653d0f303f33b8947
File size: 10'114'031 bytes
MIME type: application/x-dosexec
MD5 hash: 906ebe8d53c8a16b4530d796cf6c5fa6
SHA1 hash: 8345aa6e495fda75c7f3b731972303cbe76ac065
SHA3-384 hash: c735c5618932808dac616a0e80866f4796069af7564ee9a48a4d313dbb946017c618e1c93b1accf68ab3a58011abb3dd
First seen: 2022-11-24 19:52:01 UTC
Last seen: Never
Sightings: 1
imphash: 3981b2e19edaa4b252039a011d019398
ssdeep: 196608:3bTNCWH+CZyH9YkaLarfW42p+8eZJ1bE72D9:HMWH+CZJOrfWFp+8IVE7C9
TLSH: T1BCA64B65F6AA81B5D137D0BEC6C7D75BEAB1384467304EC711028B9A1E377E2853A323
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: 76e3afa3-6c31-11ed-a71a-42010aa4000b
File name: 7fff548e0000.mscorwks.dll
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: Mimikatz_Generic
Author: Still
Description: attempts to match all variants of Mimikatz
TLP: TLP:WHITE
Repository: malware-bazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.