Statistics

YARAify produces detailed statistics on files scanned, including associated detections - find the available statistics below.

You can also access Spamhaus's Malware Digest report, based on YARAify data:

File Scans

The chart below shows the number of file scans conducted by YARAify over the past 30 days.

Data Scanned

This chart shows the amount of data scanned in Megabytes over the past 30 days.

API requests

The illustration below documents the number of API requests over the past 30 days.

Most matching YARA rules

YARA rules that matched most on files scanned on YARAify in the past 14 days.

Task countYARA RuleAuthorLast match
645'221RansomPyShield_AntiransomwareXiAnzheng2024-11-21
534'903SEH__vba2024-11-21
400'813Sus_Obf_Enc_Spoof_Hide_PEXiAnzheng2024-11-21
207'091DebuggerCheck__API2024-11-21
186'736RANSOMWAREToroGuitar2024-11-21
125'208pe_detect_tls_callbacks2024-11-21
101'897NETmalware-lu2024-11-21
74'555MD5_Constantsphoul (@phoul)2024-11-21
61'417UPXV200V290MarkusOberhumerLaszloMolnarJohnReisermalware-lu2024-11-21
57'186command_and_controlCD_R0M_2024-11-21
51'973UPXv20MarkusLaszloReisermalware-lu2024-11-21
46'356RIPEMD160_Constantsphoul (@phoul)2024-11-21
46'356SHA1_Constantsphoul (@phoul)2024-11-21
45'760malware_shellcode_hashJPCERT/CC Incident Response Group2024-11-21
42'638WarpSeth Hardy2024-11-21

ClamAV Most matching ClamAV signature

ClamAV signature that matched most on files scanned on YARAify in the past 14 days.

Task countClamAV SignatureLast match
1'647'171PUA.Win.Packer.Lccwin-22024-11-20
1'091'647Win.Trojan.Obfus-382024-11-20
958'185Win.Trojan.Qukart-6874817-02024-11-20
957'115Win.Trojan.Padodor-10016488-02024-11-20
791'677Win.Malware.Qukart-6838239-02024-11-20
508'657Win.Malware.Midie-6847981-02024-11-20
490'121Win.Dropper.Ajku-10014126-02024-11-20
490'026Win.Trojan.Berbew-9845290-12024-11-20
483'182Win.Dropper.Vbclone-10036195-02024-11-20
477'781Win.Trojan.Barys-10005825-02024-11-20
448'669Win.Malware.Generickdz-10004857-02024-11-20
412'160Win.Malware.Midie-6848630-02024-11-20
405'609Win.Malware.Midie-6847894-02024-11-20
319'094SecuriteInfo.com.BackDoor.HangUp.43874.UNOFFICIAL2024-11-20
302'192Win.Packed.Generic-9967832-02024-11-20

Most seen files

Most seen files scanned by YARAify in the past 14 days.

Task countSHA256 hashLast seen
622c4aa1f5bdaeb179eec2ee31af7d8308414fd79925b381e0618498bcc39520b3c2024-11-09
454659e9566120d02301b34aad279ca1bcb20855cf52b0bd1b67cf5f6f5b3c83f9e2024-11-13
451c3eb38cf793c2608f316262ce31d80c3013cbd0b55d36972afdee3ef9257bdda2024-11-13
3974a241076b4b1b372fde0abb19157a02063f1bfe504c5d880092ba2e004245d9a2024-11-12
389eecd568d037dcd85f8c79b9ae76f19e4b51511dea4c9e7e754b3a093ef78b0742024-11-12
282824b86a416457a03e72711552530d1d282cf65043a516e80e5c5906979d0f2b12024-11-17
278ff73c1be72c662ad73c5de0e1e3d023db160f7150611be81223c3794e66471142024-11-18
259e4c5311d918ffeec4a87f4c66e2e00f8c4a350bfbf2578a15c13a36c496eb9342024-11-18
257056bb7b73c5643233f3e5768e46aef41baa7b1d5916f65e427207f78fa08e1802024-11-18
254374aca0b64bbda4d307d38dc2531ba6b0f3516f73df327ae8073f180be1b6b972024-11-13
2535329c61ad8f4b9da6cf354a74964498077299babc5654de29d4801bf5ae16d5b2024-11-18
253dd657c490a778b2d77b3a5fd50a3fa26e502256baca154648a842c77996cfc5a2024-11-13
2533ac063bc25e252c5b55edab917a177d71083ebb70d26e35d3f0c0427825fdb532024-11-13
252a846e3e8d71bdf2f268b568730648a14e07530b9eaa99aa79d5318f634e56a992024-11-18
2520cacb0c81d087fa6b8c80a80408976195ff84578c93bb225058478bb198fca652024-11-13

Top dhash icon

Top dhash icon observed on files scanned by YARAify in the past 14 days.

Task countdhash iconLast seen
303'35718b1b1b17068c8802024-11-20
122'30358b1b1b17068c8802024-11-20
39'777d8d0d4d8ececece42024-11-18
20'3141003873db9313e102024-11-20
10'6641003873d31213f102024-11-20
8'943f8f0f4c8c8c8d8f02024-11-20
8'16569ccd4d49696cc712024-11-20
6'877c883a69c94a683c82024-11-20
5'71119b1b1b17068c8802024-11-20
5'3209919aca682a881a92024-11-20
5'00030e4c0d8b686e4642024-11-20
4'32204ccfee2ece4a4842024-11-20
3'37000ccc4d0c4fc7c002024-11-20
3'31571e8d4968ecc68f92024-11-20
2'63518b1b1b17068c8812024-11-20

Top imphash

Top imphash observed on files scanned by YARAify in the past 14 days.

Task countimphashLast seen
512'5256db997463de98ce64bf5b6b8b0f77a452024-11-20
475'322c9246f292a6fdc22d70e6e581898a0262024-11-20
461'5205d6cad172c5535e4b6b6bbd2465716212024-11-20
322'9444dcbc0931c6f88874a69f966c86889d92024-11-20
176'63546f03ef2495b21d7ad3e8d36dc03315d2024-11-20
40'245c06ddfbe3366daddf0cfd3e63c1b53902024-11-18
37'9913f8d79e42b0b7cecf379b1ddce4e422a2024-11-20
37'68787914047e74de74a89c530e3bb19409e2024-11-20
19'242dae02f32a21e03ce65412f6e56942daa2024-11-20
17'507e4742a62fda2e64b586a5b84efe3f0402024-11-20
13'795f34d5f2d4577ed6d9ceec516c1f5a7442024-11-20
12'790bf5a4aa99e5b160f8521cadd6bfe73b82024-11-20
9'873be6fa16f501de575a1d8eaaac5246ba02024-11-20
9'075a12d186f65c99f872323a61923ce70d82024-11-20
6'58788478c1f74f94f7e1e9654193a1e02b32024-11-20

Top tlsh

Top tlsh observed on files scanned by YARAify in the past 14 days.

Task counttlshLast seen
454T100B2CFA5E6942C4CFCD3C7D71522389E657D7223CBE52AD330304A46BC42EEEAA1715B2024-11-13
451T1FBB2BFA5D6842C4CFCD3C7D71522389E657D7223C7E52AD330314A46BC42EEEAA1715B2024-11-13
144T1D7819E61842314C4F557CEF4D51BE869BFA5734550584E1423E0705A4BCBA1427551A32022-02-08
144T12D832A66B4C3473BC045BFB50B5449AAB722E8203961C0F733E82F4F8A6B9917E1C55E2021-07-12
142T138118CABCBE6ACF1C80C10B4070B8D013674883443E1C3170EA5007E7CA22FCD8B6E022021-07-09
142T1C8E052F688E090AC080023A82BDF2CA5437B03BD00202A0BF20BA04D022DF72E30A3F02021-07-07
142T10016DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
141T153819E61842314C4F557CFF0D61BD82AAFA5334684584E1123E0606A4BCF60427041E32022-02-07
140T1EF16DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
140T1CCE2F87B94C24337C001EFB60B95C9AEBB736D306564C0E32BD42B1F892B9687D5D4692021-07-09
135T1DD816250432BB64AEC9A84B0409EA1E13657217214F2C91161CA66DC8B82AF4AF68C332022-02-08
134T1A58162A0432FB74ADC5680B151DEA0E16667707204E5CA0551C916ADDB829F0EF74C332022-02-08
134T10E8132A0832FBA4ADC96847151DEE1E16667307604E5C50161DA26DEDB83AE4EF78C332022-02-08
134T1688141C1405F2A7CF2ED8ABCA20506C43D46B4B324754D651184782DAA23E4C7722A332022-02-08
133T160030B9736E31000FB09BE32E554C24FEF06CF59B976974ED39826C72350A78662E45B2022-02-07

Top telfhash

Top telfhash observed on files scanned by YARAify in the past 14 days.

Task counttelfhashLast seen
39t1f93145479479ca2d2f732c586c7c4fb61256ab2331527fb0bf9ac4885533002b968d4f2024-11-17
33t13611d04270b6891d2bb659245cbc42b5165536236381be75bf0ec5c45537002ba79e8b2024-11-15
24t140317403a83f8f3ac5a298b0dc650765516b5701b4f9d7109f3ca9d06c79016702aacd2024-11-19
24t14e3133479579ca1d2f736c585c7c4fb5125aab2331526fb0bf9ac0889533002a978d4f2024-11-17
23t15f21e243a6b68a6c6ff3582858bc06b11592e6237250bf70ef5ec1809d37002b475e8b2024-11-10
20t19f900224424f44549a804241e0dd66018ed0e3131125289007d04440140332060051412024-11-20
19t1c421d043aab68a6c6ff3582498bc06b11592a6237250af70ef5ec1809d37002b475e8b2024-11-10
18t1fe11104270b6891c2bb259245cbc42b0165532232381be74bf0ec5c05937002ba79e8b2024-11-15
17t1d211020260b689282bb259205cbc42f1165526233341be75bf0ec5c4993b002aa78e8b2024-11-15
13t1d911d01371f6896d2bf259245cbc43b4255026237351be75bf0dc5d4593b002b979ecb2024-11-13
12t102016852cf670a4c97c3c31091ec9223b4b27566152039c2476d2ecc15503f3ba2c43f2024-11-19
12t178310071567851269aa1ec64d9ed97b2652ac7171340ff32df26c0cc281a449f62ac0f2024-11-17
12t11a21c14396f68b2c6fb3587468bc47a11552a6237260bf70af5ec1409d37006b579e8f2024-11-07
11t1bc3111b19679512a59a1ec68edde5bb2511a96172340fe33ee21c0cc380a44fe52bc0f2024-11-19
10t1cb900262474fbb68b245018048c90104c5e4e51b0460986145491c404852a1075102102024-11-20

File Scans

The chart below shows the number of file scans conducted by YARAify over the past 12 months.

Data Scanned

This chart shows the amount of data scanned in Megabytes over the past past 12 months.

API requests

The illustration below documents the number of API requests over the past past 12 months.

Most matching YARA rules

YARA rules that matched most on files scanned on YARAify in the past 12 months.

Task countYARA RuleAuthorLast match
28'263'650maldoc_getEIP_method_1Didier Stevens (https://DidierStevens.com)2024-11-13
28'106'670meth_get_eipWilli Ballenthin2024-11-13
25'750'233QbotStuffanonymous2024-08-15
12'015'323win_berbew_strings_dec_2023Matthew @ Embee_Research2024-11-13
5'263'920DebuggerCheck__API2024-11-21
4'517'958classifiedclassified2024-09-24
3'744'219SEH__vba2024-11-21
2'178'176NETmalware-lu2024-11-21
2'172'411SHA512_Constantsphoul (@phoul)2024-11-21
2'120'705malware_shellcode_hashJPCERT/CC Incident Response Group2024-11-21
2'098'913maldoc_find_kernel32_base_method_1Didier Stevens (https://DidierStevens.com)2024-11-13
2'097'334UPXV200V290MarkusOberhumerLaszloMolnarJohnReisermalware-lu2024-11-21
1'812'138UPXv20MarkusLaszloReisermalware-lu2024-11-21
1'666'082DebuggerException__SetConsoleCtrl2024-11-21
1'633'863DebuggerCheck__QueryInfo2024-11-21

ClamAV Most matching ClamAV signature

ClamAV signature that matched most on files scanned on YARAify in the past 12 Mmonths.

Task countClamAV SignatureLast match
52'203'051PUA.Win.Packer.Lccwin-22024-11-20
34'842'605Win.Trojan.Obfus-382024-11-20
33'071'893Win.Trojan.Qukart-6874817-02024-11-20
29'015'255Win.Trojan.Padodor-10016488-02024-11-20
25'646'868Win.Malware.Qukart-6838239-02024-11-20
7'553'518Win.Trojan.Padodor-9877164-02024-11-20
6'819'000Win.Trojan.Berbew-9845290-12024-11-20
6'259'065SecuriteInfo.com.BackDoor.HangUp.43874.UNOFFICIAL2024-11-20
4'172'735Win.Packed.Razy-10010080-02024-11-20
3'801'713Win.Trojan.Razy-10016933-02024-11-20
3'629'821Win.Packed.Lazy-10005437-02024-11-20
3'590'662Win.Trojan.Berbew-10013977-02024-11-20
3'316'515Win.Trojan.Crypted-292024-11-20
3'294'478Win.Trojan.Crypted-302024-11-20
2'827'017Win.Malware.Renos-10003934-02024-11-20

Most seen files

Most seen files scanned by YARAify in the past 12 months.

Task countSHA256 hashLast seen
3'397a4ec9fd2488f0b1734317beb74e1524838d0f7c907eb4e452d7cf40c03c7e5dd2021-07-08
3'369e0af7f483f4965dca90eb5921ae004a7e41593b39284a63af97a9105b96718e72022-01-06
3'368b3986e04464339cec16157cf8c8bffec3a8a8c5eae57997974d45f5369fa16552021-07-07
3'36039e48a3fc7e67968ff5d6e3cf8e12a7256af93ccabbce4da20d28c79237d95e82022-01-06
3'35823c2d2b0c6cec3e69cb07f942c9e56f2087aeb24015be25823897faafc4708ae2022-02-07
3'3341115b6c913a207b9d81f8482613b2a9c2929ca81399861d2d2c47422e244060d2022-02-07
3'30769c88b4d5ea84620d1b762d5119fe9293c34e68268e7006cb503b865e963b2512021-07-09
3'30287479e089e6852958dab4026e07bc01ed1f31af423b1d26db462ef7493a537f12022-02-08
3'3015ea4d94c695189639e9ab7afe8d76d231030921fbfdd95e1941c7c0a05fb8f032022-02-07
3'293ebd6320e24d47c0d638749a149f14f4c94b1c98afa228dba1f48eea19a2c72572021-07-09
3'261c8c158269c68d6b09d0c8b118b6588302816f2936c193579b35512d6a6af506e2022-02-08
3'2608718400c6ca71b5afb0534931628b2aace3e5cc515edaa33d1da678f947b5cd42022-02-08
3'25796994840078a8dbaaa3175c80b72c01c3a7f258be338c94c58672cacf5e47a872022-02-08
3'256cdfb8e3d5bfb32850200759b0d3ccaa83ed5cb661cb2cccedf048d23959663602022-02-08
3'25553c22863323c0f5ff94f4ae86df27a51db4eae7232cc38333346ee8be9df5aa62022-02-07

Top dhash icon

Top dhash icon observed on files scanned by YARAify in the past 12 months.

Task countdhash iconLast seen
1'515'46318b1b1b17068c8802024-11-20
607'461d8d0d4d8ececece42024-11-18
511'19269ccd4d49696cc712024-11-20
490'7401003873db9313e102024-11-20
415'46358b1b1b17068c8802024-11-20
216'602818da080a0a0a0a22024-11-20
215'4741003873d31213f102024-11-20
123'98100ccc4d0c4fc7c002024-11-20
123'0599919aca682a881a92024-11-20
120'2915ab3a5b332c482a02024-11-20
118'752b298acbab2ca7a722024-11-20
118'45571e8d4968ecc68f92024-11-20
108'522526e32661e3a2a102024-11-20
80'55704ccfee2ece4a4842024-11-20
52'247f8f0f4c8c8c8d8f02024-11-20

Top imphash

Top imphash observed on files scanned by YARAify in the past 12 months.

Task countimphashLast seen
15'998'1016db997463de98ce64bf5b6b8b0f77a452024-11-20
10'618'6674dcbc0931c6f88874a69f966c86889d92024-11-20
9'694'19446f03ef2495b21d7ad3e8d36dc03315d2024-11-20
6'449'007c9246f292a6fdc22d70e6e581898a0262024-11-20
2'323'959e4742a62fda2e64b586a5b84efe3f0402024-11-20
2'018'1135d6cad172c5535e4b6b6bbd2465716212024-11-20
1'020'49687914047e74de74a89c530e3bb19409e2024-11-20
786'13091f4b88d25daa33c7443253d9beb1bb32024-11-20
717'7463f8d79e42b0b7cecf379b1ddce4e422a2024-11-20
539'9062c2ad1dd2c57d1bd5795167a7236b0452024-11-20
433'091a3df475500e5e30f4680b397c2ee13f12024-11-20
385'712f34d5f2d4577ed6d9ceec516c1f5a7442024-11-20
344'107c06ddfbe3366daddf0cfd3e63c1b53902024-11-18
272'7421a611a7df1f3828b0157c4725145a7212024-11-18
254'248dae02f32a21e03ce65412f6e56942daa2024-11-20

Top tlsh

Top tlsh observed on files scanned by YARAify in the past 14 months.

Task counttlshLast seen
3'407T16211801BC7D1ADF1C44C01700F5786041735D42453D583574E94047EFC561BC6CD6C062021-07-08
3'367T1C8E052F688E090AC080023A82BDF2CA5437B03BD00202A0BF20BA04D022DF72E30A3F02021-07-07
3'363T10016DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
3'355T1EF16DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
3'351T1B5033E9736E31000FB09BE35C654834FEF06CF59B97A9B4ED39826C72371A78629E0592022-02-07
3'334T153819E61842314C4F557CFF0D61BD82AAFA5334684584E1123E0606A4BCF60427041E32022-02-07
3'306T138118CABCBE6ACF1C80C10B4070B8D013674883443E1C3170EA5007E7CA22FCD8B6E022021-07-09
3'306T1D7819E61842314C4F557CEF4D51BE869BFA5734550584E1423E0705A4BCBA1427551A32022-02-08
3'296T160030B9736E31000FB09BE32E554C24FEF06CF59B976974ED39826C72350A78662E45B2022-02-07
3'293T1CCE2F87B94C24337C001EFB60B95C9AEBB736D306564C0E32BD42B1F892B9687D5D4692021-07-09
3'262T1A58162A0432FB74ADC5680B151DEA0E16667707204E5CA0551C916ADDB829F0EF74C332022-02-08
3'262T10E8132A0832FBA4ADC96847151DEE1E16667307604E5C50161DA26DEDB83AE4EF78C332022-02-08
3'258T1DD816250432BB64AEC9A84B0409EA1E13657217214F2C91161CA66DC8B82AF4AF68C332022-02-08
3'256T1688141C1405F2A7CF2ED8ABCA20506C43D46B4B324754D651184782DAA23E4C7722A332022-02-08
3'252T1BD812B4525A230CAC056C270ED52C158ABD9BC37AF44D3BBF1B90FDD83112451CC1B0B2022-02-07

Top telfhash

Top telfhash observed on files scanned by YARAify in the past 12 months.

Task counttelfhashLast seen
219t18c3112a19679512a5da1ec68edda57b2501a56172350bf33df21c0cc380a44ff527c0f2024-11-18
179t1bc3111b19679512a59a1ec68edde5bb2511a96172340fe33ee21c0cc380a44fe52bc0f2024-11-19
167t157110e13a0b9ca282bf348249dbc07f005502b23a782be71bf0ac5c49437002a875d9b2024-10-27
164t140317403a83f8f3ac5a298b0dc650765516b5701b4f9d7109f3ca9d06c79016702aacd2024-11-19
155t1dd21d0d8885ab05899828810e83f0981595bd257423cedc3bf34d8d20c7e5cdf887d7b2024-06-27
153t1ad11e113a0b9ca286bf758349dbc47f105512b23b746be71bf0ac5c49537002b975d9b2024-10-27
148t18a5106fa2dbe0cfcb3e56c08c74e2ad32a55da7b1951357184a79ca533f3a4080a5c362024-11-18
145t17141a2180d7817e0a7356c9d099dfb36d6a330de7e262d338f61e86aab69a435d11c0c2024-11-18
135t13611d04270b6891d2bb659245cbc42b5165536236381be75bf0ec5c45537002ba79e8b2024-11-15
130t17011f01361b6ca1d2bb659348dfc47f016512b236282bf71bf0dc5c88537042b93ad9b2024-11-05
127t195317722553546142fb3d928acfd56b315222b2363587f716f26c48c49370e2e93dd4f2024-09-15
118t171217622513542182fb3d928acbd567315222b2363597f716f26c4cc49370e2e93ad4f2024-06-06
110t114215352a1f5cb282bb38934adbc03f51251a6136282bf756f0ec5c454331436934ddb2024-11-09
108t14e21324271f68a282bb385245cbc03b5264665232341bf756f0ec5c45837012a534dcb2024-10-21
108t102016852cf670a4c97c3c31091ec9223b4b27566152039c2476d2ecc15503f3ba2c43f2024-11-19