YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash f2a77710132762e3db746ccb05d6ce44617c8d1bb5d1101de6cd36c0ea278329.

SHA256 hash:	f2a77710132762e3db746ccb05d6ce44617c8d1bb5d1101de6cd36c0ea278329
File size:	7'168 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	10e21f2f6f16d45a9024d64014c9c133
SHA1 hash:	0a43a095d9496206fcd21e90e8b0e398daa9d2ea
SHA3-384 hash:	343c2c7013bf23fc0b3ba82775168abfc11a5c1c49a0d08f24268d8f753584fbaa0eb721f1add8bae05788e5c8576136
First seen:	2026-03-11 15:34:20 UTC
Last seen:	Never
Sightings:	1
imphash :	c2d02fc98f1d75d7b9457468ec75da0e Create hunting rule
ssdeep :	24:eFGSG9wSX+UIh/My58XZh9h9ClfAh6sjhIAJG4up+:iG+y+x2yeXZh9hMlu6wxJG4b
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

Signature:	SecuriteInfo.com.Trojan.Inject6.5094.UNOFFICIAL Create hunting rule

The following YARA rules matched on the file (static analysis).

Rule name:	metasploit_rev_tcp_32 Create hunting rule
Author:	Javier Rascon
TLP:	TLP:WHITE
Repository:	MalwareBazaar

Rule name:	meth_peb_parsing Create hunting rule
Author:	Willi Ballenthin
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	classified
Description:	classified

Rule name:	Windows_Trojan_Metasploit_0cc81460 Create hunting rule
Author:	Elastic Security
TLP:	TLP:WHITE
Repository:	elastic

Rule name:	Windows_Trojan_Metasploit_4a1c4da8 Create hunting rule
Author:	Elastic Security
Description:	Identifies Metasploit 64 bit reverse tcp shellcode.
TLP:	TLP:WHITE
Repository:	elastic

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2026-03-11 15:34:20 UTC Static: 6 Unpacker: 0 ClamAV: 1