YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash e5019466d7245de6dec2d0ffc344931d9dfc3adaf1721f0f4e15223fe4f0b2b9.

Scan Results


SHA256 hash: e5019466d7245de6dec2d0ffc344931d9dfc3adaf1721f0f4e15223fe4f0b2b9
File size: 10'410'553 bytes
MIME type: application/x-dosexec
MD5 hash: 150dd8d1d1b3b288728b1eac7fa27be5
SHA1 hash: e8d13fa0f2f1f46c88b132c79e8d11f3849164fd
SHA3-384 hash: 6c391f228276049eab0b3a0a5effcb3b894b518079a1e5025c6d30c35b79a5a56d1d28d361609b40ac28ab45e50a7dab
First seen: 2023-01-25 09:30:25 UTC
Last seen: Never
Sightings: 1
imphash: 96d57bdc133ddf7774dfba15a66f596a
ssdeep: 98304:io6fPKNyv6LBDFYWjv4p4nhJuRgIDH2oIAxOT90wmOsEDCP8I:iLPEy6LBmC4p4hJuRBDH2FCOTDs
TLSH: T1DBA67C8DABF486F0D167C274C59686B3EAB0B8459D34871F1190D75E2F33EA2DA2E710
telfhash: n/a
gimphash: n/a
dhash icon: n/a

Tasks


You can browse the 10 most recent tasks associated with this file below.

Task Information


Task ID: e602c3bc-9c92-11ed-98c2-42010aa4000b
File name: 7ff855c60000.clr.dll
Task parameters: ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: win_xfilesstealer_auto
Author: Felix Bilstein - yara-signator at cocacoding dot com
Description: Detects win.xfilesstealer.
TLP: TLP:WHITE
Repository: malpedia

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.