YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash f602227abc7a7b3764d18ff283a20046ad248761d0ce63646f829b28cc014126.

Scan Results


SHA256 hash: f602227abc7a7b3764d18ff283a20046ad248761d0ce63646f829b28cc014126
File size:922'984 bytes
File download: Original
MIME type:application/x-dosexec
MD5 hash: 02953c72b95514d2b2b86a59e3dbbd78
SHA1 hash: 0ffebc739c0d0550c9ba3d96722fc33d455e5ceb
SHA3-384 hash: 450efc50e1ffdc477a86b77c9dcc71d11de4625f11a376fc11c549c726e382fc7d4e21b03a785fc7c93709f6e968c400
First seen:2022-11-24 19:55:09 UTC
Last seen:Never
Sightings:1
imphash : efb432243a545f391b1cc497dbec7d1b
ssdeep : 24576:IbnUdeJNrR4ZhVC6/RvUWkGOLP9gwxoG6smx25E4hk9:gnUeKZH3dUWklLP9gMnmxmh
TLSH : T106157C12A3AC52A4F46FD1B9C657460BF6B2B8152320DE8F07608E053F67BA16F3D716
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks


You can browse the 10 most recent tasks associated with this file blow.

Task Information


Task ID:e6e27e36-6c31-11ed-a71a-42010aa4000b
File name:7ffb38f60000.winhttp.dll
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:command_and_control
Author:CD_R0M_
Description:This rule searches for common strings found by malware using C2. Based on a sample used by a Ransomware group
TLP:TLP:WHITE
Repository:CD-R0M

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.