YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash ece2e26b1ba653ff0dd47a2f2527d4b018ca14ce53a735a1d4b4c8090b519efe.

SHA256 hash:	ece2e26b1ba653ff0dd47a2f2527d4b018ca14ce53a735a1d4b4c8090b519efe
File size:	394'641 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	2096033d8a2a2dab567386a6fc61b044
SHA1 hash:	e7adf909c9e27fca84ea70f5af752f5a1a37b12a
SHA3-384 hash:	4019f39e1f91dc77d85a5461c96e64dac80db4fdd45464951f5f5c989917e9cafcbeaee8f9c01ac60a7596695ced926d
First seen:	2026-04-12 16:58:32 UTC
Last seen:	Never
Sightings:	1
imphash :	n/a
ssdeep :	12288:LUrHGsZnPX542J17agcSLM74kNZQczUB2R77yllpDANgbrYn5vq:LL8AKbrYn5S
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	pe_detect_tls_callbacks Create hunting rule
Author:
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	pe_no_import_table Create hunting rule
Author:
Description:	Detect pe file that no import table
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	VECT_Ransomware Create hunting rule
Author:	Mustafa Bakhit
Description:	Detects activity associated with VECT ransomware. This includes registry modifications and deletions, execution of system and defense-evasion commands, suspicious API usage, mutex creation, file and memory manipulation, ransomware note generation, anti-debugging and anti-analysis techniques, and embedded cryptographic constants (SHA256) characteristic of this malware family. Designed for threat intelligence and malware detection environments.
TLP:	TLP:WHITE
Repository:	YARAify

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-04-12 16:58:32 UTC Static: 4 Unpacker: 0 ClamAV: 0