YARAify Task Results
YARAify scan results for task ID 5ffa6eae-582b-11ed-81b2-42010aa4000b.
Scan Results
| Task ID: | 5ffa6eae-582b-11ed-81b2-42010aa4000b | |
|---|---|---|
| Task parameters: | clamav_scan: | True |
| | unpack: | False |
| | share_file: | True |
| Submission time: | 2022-10-30 08:18:03 UTC | |
| Scan time: | Scan took 643 seconds | |
| File name: | yFPN | |
| File size: | 260'679 bytes | |
| MIME type: | application/octet-stream | |
| SHA256 hash: | ca5b26f8d5a11607966ed77cb46045c8fe6246c5e0f1cbc5fcc969ca1446f516 | |
| MD5 hash: | 7b7dc13a91d8af68b874cd8e4869c97d | |
| SHA1 hash: | 7c71a86759fc9a0f56b37fc86d2277fb74014c6a | |
| SHA3-384 hash: | c097a4737a4b5df504bb470a5b646a80775d274a1a64cd7fde3e50e1ddc5e75edeb25e4e09b0a27327332ee38e3c0144 | |
| First seen: | 2022-10-30 08:18:03 UTC | |
| Last seen: | Never | |
| Sightings: | 1 | |
| imphash : | n/a | |
| ssdeep : | 6144:+iU4yGPezDyPXdlSkgOQq/eY2SVYAxlvNIjVv5JxDlsWqvn8c:s45Pa+fdlSkLQlCVYA6lJlO/8c | |
| TLSH : | T19B44DF6351D21C71FBA1815D0019328F5825AC6C6ED4CCEFEFABD62BCC7D6341A3A25A | |
| telfhash : | n/a | |
| dhash icon : | n/a | |
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | Cobaltbaltstrike_Beacon_XORed_x64 |
|---|---|
| Author: | Avast Threat Intel Team |
| Description: | Detects CobaltStrike payloads |
| Reference: | https://github.com/avast/ioc |
| TLP: | TLP:WHITE |
| Repository: | Neo23x0 |

| Rule name: | CS_encrypted_beacon_x86_64 |
|---|---|
| Author: | Etienne Maynier tek@randhome.io |
| TLP: | TLP:WHITE |
| Repository: | MalwareBazaar |
Unpacker
The following YARA rules matched on the unpacked file.
Disabled by submitter
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
No matches