YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash eec540d0dc0e85ce2868818ef05500e0cb57d55d1b7313f81b799c17953eed59.

SHA256 hash:	eec540d0dc0e85ce2868818ef05500e0cb57d55d1b7313f81b799c17953eed59
File size:	569'520 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	6014a5efb7d3dae68d1e3fe91ca73ee6
SHA1 hash:	d17a05b17b2921aae98d86b2169bc7b876dd637d
SHA3-384 hash:	612487c6f2567bcaff70c99ffd53920d5aca9d33be434a9755a7fccc14c3092c94440a6da7e3770cb75022c92b8ebfc4
First seen:	2026-01-15 15:29:25 UTC
Last seen:	Never
Sightings:	1
imphash :	2fb819a19fe4dee5c03e8c6a79342f79 Create hunting rule
ssdeep :	12288:JyIFgS1XcAg933FNenGbcogzVQH/OOC7d0BRVvG9C+Zg:JyIasVEu7ZOxMuBRUE
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	b298acbab2ca7a72 Create hunting rule

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	pe_detect_tls_callbacks Create hunting rule
Author:
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	PE_Digital_Certificate Create hunting rule
Author:	albertzsigovits
TLP:	TLP:WHITE
Repository:

Rule name:	ScanStringsInsocks5systemz Create hunting rule
Author:	Byambaa@pubcert.mn
Description:	Scans presence of the found strings using the in-house brute force method
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	shellcode Create hunting rule
Author:	nex
Description:	Matched shellcode byte patterns
TLP:	TLP:WHITE
Repository:	MalwareBazaar

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-01-15 15:29:25 UTC Static: 5 Unpacker: 0 ClamAV: 0