Statistics

YARAIfy produces various statistics on files scanned by YARAify, including their detections. The available statistics can be found below.

File Scans

The chart below shows the number of file scans conducted by YARAify over the past 30 days.

Data Scanned

This chart shows the amount of data scanned in Megabytes over the past 30 days.

API requests

The illustration below documents the number of API requests over the past 30 days.

Most matching YARA rules

YARA rules that matched most on files scanned on YARAify in the past 14 days.

Task countYARA RuleAuthorLast match
290'300meth_get_eipWilli Ballenthin2023-03-26
170'690QbotStuffanonymous2023-03-26
81'855pdb_YARAify@wowabiy3142023-03-26
35'746shellcodenex2023-03-26
33'741win_sality_autoFelix Bilstein2023-03-26
29'039TeslaCryptPackedMalware2023-03-26
26'793PE_Potentially_Signed_Digital_Certificatealbertzsigovits2023-03-26
24'731malware_shellcode_hashJPCERT/CC Incident Response Group2023-03-26
24'198BitcoinAddressDidier Stevens (@DidierStevens)2023-03-26
22'765MALWARE_Win_RedLineditekSHen2023-03-26
22'208INDICATOR_EXE_Packed_MPressditekSHen2023-03-26
21'081command_and_controlCD_R0M_2023-03-26
20'748extracted_at_0x44bcb2023-03-26
18'949PE_Digital_Certificatealbertzsigovits2023-03-26
18'919meth_stackstringsWilli Ballenthin2023-03-26

ClamAV Most matching ClamAV signature

ClamAV signature that matched most on files scanned on YARAify in the past 14 days.

Task countClamAV SignatureLast match
85'719Win.Malware.Dqqw-9951425-02023-03-26
85'522Win.Malware.Zusy-6804618-02023-03-26
85'521Win.Trojan.QQPass-5710308-02023-03-26
74'448PUA.Win.Packer.Lccwin-22023-03-26
49'912Win.Trojan.Obfus-382023-03-26
40'025Win.Trojan.Qukart-6874817-02023-03-25
33'512Win.Malware.Qukart-6838239-02023-03-26
30'461PUA.Win.Packer.AcprotectUltraprotect-12023-03-26
28'465Win.Trojan.Crypted-292023-03-25
28'141Win.Trojan.Crypted-302023-03-25
18'090PUA.Win.Packer.Embedpe-32023-03-26
17'186PUA.Win.Packer.Ep-72023-03-26
16'262PUA.Win.Packer.Pequake-42023-03-26
15'027Win.Malware.Scar-9946848-02023-03-26
14'579PUA.Win.Packer.Acprotect-42023-03-26

Most seen files

Most seen files scanned by YARAify in the past 14 days.

Task countSHA256 hashLast seen
1415d2c578c6f0fe65a39e920bf03b5023ca0ace5efa80c316f7f454067cfea87b32021-07-07
140abdfc082a45bf10c4ac4f246837516b1c0789ab3957837fb70485404a4f00a7a2023-01-24
140c8c1bf38e04d6721c303717090bd168aadbacc276d3cf60212fe12495eed6e482023-01-24
140b3986e04464339cec16157cf8c8bffec3a8a8c5eae57997974d45f5369fa16552021-07-07
14039e48a3fc7e67968ff5d6e3cf8e12a7256af93ccabbce4da20d28c79237d95e82022-01-06
140e0af7f483f4965dca90eb5921ae004a7e41593b39284a63af97a9105b96718e72022-01-06
140eb914cb20a71b6eb10ece525230e28b559474550d956c2d752e39034b1cc56b42023-01-24
140e19b0ba085a6c6f754df5f6f3a2ad8d490eafb62ad14606a943e7de2d0e3e03f2021-07-07
138ebd6320e24d47c0d638749a149f14f4c94b1c98afa228dba1f48eea19a2c72572021-07-09
1381115b6c913a207b9d81f8482613b2a9c2929ca81399861d2d2c47422e244060d2022-02-07
13623c2d2b0c6cec3e69cb07f942c9e56f2087aeb24015be25823897faafc4708ae2022-02-07
13639abc88b98259b7391c232ec698346cf6ef6a505c76cb59d420f2274b717918f2023-02-09
1351fbe149b1fd5ccecc6e7ecbedb2e1181f3b2def56ff01f0b233ec36ac68875422021-12-09
13569c88b4d5ea84620d1b762d5119fe9293c34e68268e7006cb503b865e963b2512021-07-09
135c00582679fc5fdbe08035c523fe80a1472834ec01d61fcdcb3616e3bc1e4b06b2023-02-09

Top dhash icon

Top dhash icon observed on files scanned by YARAify in the past 14 days.

Task countdhash iconLast seen
964f8f0f4c8c8c8d8f02023-03-26
893399998ecd4d46c0e2023-03-26
7599919aca682a881a92022-07-23
366b298acbab2ca7a722023-03-26
300b0ccccc4dcccccf22023-03-24
24369ccd4d49696cc712023-01-08
1749494b494d4aeaeac2023-03-25
114338be5f1f1a9adb72022-07-23
92b3b3b371716b93b32023-03-26
8702491212030a22042023-03-19
74230b4a420b2b06022023-03-19
72b2a89c96a2cada722023-03-25
71916a6a6a6a6a6a642023-03-16
7063032a23030a42222023-03-18
64414555c0d4d445032022-10-31

Top imphash

Top imphash observed on files scanned by YARAify in the past 14 days.

Task countimphashLast seen
85'5502c2ad1dd2c57d1bd5795167a7236b0452023-03-26
24'82946f03ef2495b21d7ad3e8d36dc03315d2023-03-25
24'0636db997463de98ce64bf5b6b8b0f77a452023-03-25
22'652dae02f32a21e03ce65412f6e56942daa2023-03-26
18'590f34d5f2d4577ed6d9ceec516c1f5a7442023-03-26
14'940cdf5bbb8693f29ef22aef04d2a161dd72023-03-26
14'577d8b32e731e5438c6329455786e51ab4b2023-03-26
11'401890e522b31701e079a367b89393329e62023-03-26
9'55884706849fa809feaa385711a628be0292023-03-26
8'380c9246f292a6fdc22d70e6e581898a0262023-03-25
7'6344dcbc0931c6f88874a69f966c86889d92023-03-25
7'196a3df475500e5e30f4680b397c2ee13f12023-03-26
6'998bf5a4aa99e5b160f8521cadd6bfe73b82023-03-26
6'504646167cce332c1c252cdcb1839e0cf482023-03-26
6'209c024c5b95884d2fe702af4f8984b369e2023-03-26

Top tlsh

Top tlsh observed on files scanned by YARAify in the past 14 days.

Task counttlshLast seen
164T16D32F1F94DD4E7AC4ED46381A7DF2C341EA306743331368B99269AB8621277FA11B0D72022-11-21
141T17304AE2471C1C1B3C4B7113444E6CB799A7A7472477A91D7BB9D2BBA6F203D0A3362CA2023-02-19
141T192D002F380E0149A4460331317DF1D451B5F136DB78A2613F83D7E84432093A37539712021-07-07
140T134830807779B4215C1994A74C8E3052307B2BF877E77EB4A3D8802CE1E523E58E6A7D92023-01-24
140T12D049D2475C1C1B3C4B7113444E6CB799A7A7072477A92D7BBDD1BBA6F202E0A3362C92023-01-24
140T10016DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
140T1EF16DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
140T1C8E052F688E090AC080023A82BDF2CA5437B03BD00202A0BF20BA04D022DF72E30A3F02021-07-07
140T18CC048F380E010420460231313EF1E452B5F235C77462623F42C7D808320A3A37A39722021-07-07
139T1A073190B768B4215C19D5A74C8E3052307B2BF877E77EB4A3D88028E1E523E58E6A7D52023-01-24
138T153819E61842314C4F557CFF0D61BD82AAFA5334684584E1123E0606A4BCF60427041E32022-02-07
138T1CCE2F87B94C24337C001EFB60B95C9AEBB736D306564C0E32BD42B1F892B9687D5D4692021-07-09
137T1868428AE3F7281EBF225013347CCCD6547262CB3A6E57087628877D91A30AD952BFD852023-02-25
136T1B5033E9736E31000FB09BE35C654834FEF06CF59B97A9B4ED39826C72371A78629E0592022-02-07
135T138118CABCBE6ACF1C80C10B4070B8D013674883443E1C3170EA5007E7CA22FCD8B6E022021-07-09

Top telfhash

Top telfhash observed on files scanned by YARAify in the past 14 days.

Task counttelfhashLast seen
30t15411cc5271fa895d2bf649249cbc43b4265026237392beb5bf0dc6d05937002b979e8f2023-03-25
27t13611d04270b6891d2bb659245cbc42b5165536236381be75bf0ec5c45537002ba79e8b2023-03-17
24t171217622513542182fb3d928acbd567315222b2363597f716f26c4cc49370e2e93ad4f2023-03-22
22t15c2131705336a115aea1cc64dcee87f2111996232744af73ee36c0cc68060cae52bc0f2023-03-23
21t18421fe46a1f6856d2ff368345dbc46b5188227133361bf70af0985c01c7b002a936ecb2023-03-22
21t195317722553546142fb3d928acfd56b315222b2363587f716f26c48c49370e2e93dd4f2023-03-22
17t1a1e02605f9a5861849da6a348d9c07b15911621334a69b299f01d7e0dc3f110a70c99e2023-03-23
17t1ad210246a1f68a685ff368205dbc46b5199217273351af70af1984c01c7b002a939ecb2023-03-22
17t107110c4371fa895c2bf249249cbc43b0265026237382beb0bf0dc6c05937002b979e8f2023-03-25
17t1d9e0c240adb89a1e9ce35bb8ddcd07b1a1116253a4270b10cf58e6e0c83f988a60de6d2023-03-23
16t15821e2bf1e6709fcb3c4a898c32b62931679d273056132b401b3ad9923f2ec05169d3a2023-03-23
16t141217662513542182fb3d928acbd567315222b2363597f716f26c5cc49370e2f93ad4f2023-03-22
15t19311f718893853f497b21d9e6becfb76e45171db4a265e338d40e96e9b2dd029d00c1c2023-03-23
14t1fe11104270b6891c2bb259245cbc42b0165532232381be74bf0ec5c05937002ba79e8b2023-03-17
14t1c421fe47a1f6856d2ff368345dbc46b5188227133361bf70af0985c01c7b002a93aecb2023-03-22

File Scans

The chart below shows the number of file scans conducted by YARAify over the past 12 months.

Data Scanned

This chart shows the amount of data scanned in Megabytes over the past past 12 months.

API requests

The illustration below documents the number of API requests over the past past 12 months.

Most matching YARA rules

YARA rules that matched most on files scanned on YARAify in the past 12 months.

Task countYARA RuleAuthorLast match
3'029'017meth_get_eipWilli Ballenthin2023-03-26
1'725'887pdb_YARAify@wowabiy3142023-03-26
850'741BitcoinAddressDidier Stevens (@DidierStevens)2023-03-26
706'440Skystars_Malware_ImphashSkystars LightDefender2023-03-26
706'440pe_imphash2023-03-26
685'280QbotStuffanonymous2023-03-26
557'167crime_win64_emotet_unpackedRony (r0ny_123)2023-03-23
533'657command_and_controlCD_R0M_2023-03-26
473'630meth_stackstringsWilli Ballenthin2023-03-26
413'491win_sality_autoFelix Bilstein2023-03-26
412'024win_heodo2023-03-23
383'983extracted_at_0x44bcb2023-03-26
359'497exploit_any_poppopretJeff White [karttoon@gmail.com] @noottrak2022-06-22
347'677INDICATOR_EXE_Packed_MPressditekSHen2023-03-26
293'682malware_shellcode_hashJPCERT/CC Incident Response Group2023-03-26

ClamAV Most matching ClamAV signature

ClamAV signature that matched most on files scanned on YARAify in the past 12 Mmonths.

Task countClamAV SignatureLast match
738'119PUA.Win.Packer.Upx-42022-10-27
681'520PUA.Win.Packer.Lccwin-22023-03-26
559'560Win.Trojan.Qukart-6874817-02023-03-25
466'890PUA.Win.Packer.Asprotect-32023-03-26
458'685PUA.Win.Packer.Pequake-42023-03-26
458'148Win.Malware.Zusy-6878655-02023-03-25
431'637Win.Malware.Midie-6847981-02023-03-26
429'531Win.Malware.Midie-6847893-02023-03-26
415'649Win.Trojan.Obfus-382023-03-26
401'930Win.Malware.Qukart-6838239-02023-03-26
380'534Win.Malware.Midie-6848630-02023-03-26
375'260Win.Malware.Midie-6847894-02023-03-26
367'246PUA.Win.Packer.AcprotectUltraprotect-12023-03-26
363'326Win.Malware.Midie-6847892-02023-02-23
363'326Win.Malware.Midie-6848784-02023-02-23

Most seen files

Most seen files scanned by YARAify in the past 12 months.

Task countSHA256 hashLast seen
150'031bfc6bff6a3be4c198b51f7ac0a28a8b61baaadbffcdcca8f25ef35b616c53cc52022-07-14
71'17123c2d2b0c6cec3e69cb07f942c9e56f2087aeb24015be25823897faafc4708ae2022-02-07
60'2641665e0d57f7f62035a0f720ca385a82a27502283bf131d1628c877159e79a2102021-07-08
55'7132d93837ee387916c4a6060912fcb2b9fdaa836f419d2a038500299b376b5fbcd2021-07-08
35'0675881513fca390bfea60468b7b8085da7448efeeca39f52c8ac56745024afe2692021-07-08
24'679cf581ab47fabfc401ebca29130781037fb56b3bc54515f845f6f26bb4cbf96702022-06-08
24'4195ea4d94c695189639e9ab7afe8d76d231030921fbfdd95e1941c7c0a05fb8f032022-02-07
24'311e19b0ba085a6c6f754df5f6f3a2ad8d490eafb62ad14606a943e7de2d0e3e03f2021-07-07
23'642daf3d4175396ad0f2d639ea6dcfb166d701cdce5fd545fe3a320a88bd267ec7e2022-05-12
23'118e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8552021-07-12
19'51253c22863323c0f5ff94f4ae86df27a51db4eae7232cc38333346ee8be9df5aa62022-02-07
18'979e0af7f483f4965dca90eb5921ae004a7e41593b39284a63af97a9105b96718e72022-01-06
18'91939e48a3fc7e67968ff5d6e3cf8e12a7256af93ccabbce4da20d28c79237d95e82022-01-06
18'0555d2c578c6f0fe65a39e920bf03b5023ca0ace5efa80c316f7f454067cfea87b32021-07-07
16'961f005681bb6bcee1fefa5048460bd89492a1ee6e1c2c855c8fd664eaa920012662022-04-26

Top dhash icon

Top dhash icon observed on files scanned by YARAify in the past 12 months.

Task countdhash iconLast seen
82'07137373339294935872022-07-23
56'2819919aca682a881a92022-07-23
41'666399998ecd4d46c0e2023-03-26
29'184e94a6e71e932f0332022-07-23
27'635e0e4a2aaa4b8a8882023-02-06
26'890d0c4a2a2a4bcbcb82022-07-23
20'935c271cc9cae8de9722023-01-01
19'76471b119dcce5763332023-03-01
18'5141003873d31213f102023-01-16
16'4001ad2a38edcb6b2dc2022-07-23
13'745818da080a0a0a0a22022-12-23
13'317f8fcec9e8e88c0e82022-10-13
12'554338be5f1f1a9adb72022-07-23
10'27030d4f0e8ccdcf0712022-07-23
9'90600ccc4d0c4fc7c002022-07-23

Top imphash

Top imphash observed on files scanned by YARAify in the past 12 months.

Task countimphashLast seen
706'094f34d5f2d4577ed6d9ceec516c1f5a7442023-03-26
458'715dae02f32a21e03ce65412f6e56942daa2023-03-26
221'880be6fa16f501de575a1d8eaaac5246ba02023-03-26
199'3582c2ad1dd2c57d1bd5795167a7236b0452023-03-26
199'09568d9776cadfeba9a6849d2f603b34a8f2023-02-06
190'7318abecba2211e61763c4c9ffcaa13369e2023-03-26
176'6026db997463de98ce64bf5b6b8b0f77a452023-03-25
168'472e4742a62fda2e64b586a5b84efe3f0402023-03-25
128'319a12d186f65c99f872323a61923ce70d82023-03-26
91'158d8b32e731e5438c6329455786e51ab4b2023-03-26
90'422ed86c2ba483c37b0e2cfeecbd5fca8762023-03-26
78'73184706849fa809feaa385711a628be0292023-03-26
74'18946f03ef2495b21d7ad3e8d36dc03315d2023-03-25
72'673cdf5bbb8693f29ef22aef04d2a161dd72023-03-26
69'2315271d5ce8b44dd47bc92563e275854662023-03-25

Top tlsh

Top tlsh observed on files scanned by YARAify in the past 14 months.

Task counttlshLast seen
71'171T1B5033E9736E31000FB09BE35C654834FEF06CF59B97A9B4ED39826C72371A78629E0592022-02-07
24'701T129F36C24E84345E7F87B1932D0077A2FD4647D295220EE7BD954CE9AFF22B14A20F25E2022-06-12
24'419T160030B9736E31000FB09BE32E554C24FEF06CF59B976974ED39826C72350A78662E45B2022-02-07
24'311T18CC048F380E010420460231313EF1E452B5F235C77462623F42C7D808320A3A37A39722021-07-07
23'642T173045B65E49345E7F8BB0872904A7B5FD8242D41D210DE3F9554CEDABF22B25A20F22F2022-05-12
19'512T1BD812B4525A230CAC056C270ED52C158ABD9BC37AF44D3BBF1B90FDD83112451CC1B0B2022-02-07
18'979T10016DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
18'919T1EF16DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
18'055T192D002F380E0149A4460331317DF1D451B5F136DB78A2613F83D7E84432093A37539712021-07-07
16'961T1B873119B3ADC5DD1D0840B3818F5C52B4EA1F9B8029E8F3661C0A56F5DDD68A093C7B12022-04-26
15'502T161F37C24E55354EBF9B70832D4073B0FD8642D155210AE7FE6588ED7AF22B22A21F25F2022-06-08
15'362T1C8D0C9F088E8101C6412373657CF6CCD034317321A02A917F9262429B160AB743C33EA2022-07-06
11'747T19DF36C24E84305E7F87B1932D0477A2FE4646D295210EE7FD954CE9AFF32B14A20B25E2022-06-09
11'736T153819E61842314C4F557CFF0D61BD82AAFA5334684584E1123E0606A4BCF60427041E32022-02-07
11'087T19C84BF24A49356EBF96B0432D0477A8FD9382D14A310DE3BE694CFA6AF31704970F65E2022-07-12

Top telfhash

Top telfhash observed on files scanned by YARAify in the past 12 months.

Task counttelfhashLast seen
193t13611d04270b6891d2bb659245cbc42b5165536236381be75bf0ec5c45537002ba79e8b2023-03-17
172t171217622513542182fb3d928acbd567315222b2363597f716f26c4cc49370e2e93ad4f2023-03-22
167t195317722553546142fb3d928acfd56b315222b2363587f716f26c48c49370e2e93dd4f2023-03-22
161t15411cc5271fa895d2bf649249cbc43b4265026237392beb5bf0dc6d05937002b979e8f2023-03-25
130t1fe11104270b6891c2bb259245cbc42b0165532232381be74bf0ec5c05937002ba79e8b2023-03-17
116t1d211020260b689282bb259205cbc42f1165526233341be75bf0ec5c4993b002aa78e8b2023-03-17
113t141217662513542182fb3d928acbd567315222b2363597f716f26c5cc49370e2f93ad4f2023-03-22
113t15821e2bf1e6709fcb3c4a898c32b62931679d273056132b401b3ad9923f2ec05169d3a2023-03-23
111t1d9e0c240adb89a1e9ce35bb8ddcd07b1a1116253a4270b10cf58e6e0c83f988a60de6d2023-03-23
105t1ae11e10271f689282bf259245cbc43f4265126233341be71bf0dc5c0593b003b939e8b2023-03-25
98t15c2131705336a115aea1cc64dcee87f2111996232744af73ee36c0cc68060cae52bc0f2023-03-23
98t19311f718893853f497b21d9e6becfb76e45171db4a265e338d40e96e9b2dd029d00c1c2023-03-23
89t107110c4371fa895c2bf249249cbc43b0265026237382beb0bf0dc6c05937002b979e8f2023-03-25
84t1992121a2ba6509a0f1fbf561b304d0450d200a1416fa36f2c275b9fadba5b820f78c372023-03-23
75t11ee07200ec75871c88dbaa749d8d07b4ca012216606b0b10cf10daf4c83f448f30ce4a2023-03-17