YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash e7da583bbe159fb06e40a40615beb11f2a5fb5b7a5570e7d3a665ea4fcf75d09.

Scan Results

SHA256 hash: e7da583bbe159fb06e40a40615beb11f2a5fb5b7a5570e7d3a665ea4fcf75d09
File size:241'664 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: eebff8f71dd02b4ec26aab78efcbd95c
SHA1 hash: b4999277d64cfcc74886b88bdb386b9fafaa5e8e
SHA3-384 hash: d7730ff288716dbdfe483ee0fc2d2b49bc735dbb0dd3e80df6d3e67663712ceff63f15b1672dcf3b2b2b347bc3a1a840
First seen:2025-12-18 02:23:53 UTC
Last seen:Never
Sightings:1
imphash : c9246f292a6fdc22d70e6e581898a026
Create hunting rule
ssdeep : 1536:07+eltm8Y6jHO86s/rzMwRJ/rPFW2iwT:WllL7O86s/vMWJFW2VT
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:98cf086c-dbb8-11f0-9df4-42010aa4000b
File name:400000.Hmlfma32.exe
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

Signature:PUA.Win.Packer.Lccwin-2
Create hunting rule
Signature:SecuriteInfo.com.BackDoor.HangUp.43914.UNOFFICIAL
Create hunting rule
Signature:Win.Trojan.Berbew-9845290-1
Create hunting rule
Signature:Win.Trojan.Crypted-29
Create hunting rule
Signature:Win.Trojan.Obfus-38
Create hunting rule

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:CP_Script_Inject_Detector
Create hunting rule
Author:DiegoAnalytics
Description:Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
TLP:TLP:WHITE
Repository:YARAify
Rule name:classified
Author:classified
Description:classified
TLP :TLP:GREEN

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.