Statistics

YARAIfy produces various statistics on files scanned by YARAify, including their detections. The available statistics can be found below.

File Scans

The chart below shows the number of file scans conducted by YARAify over the past 30 days.

Data Scanned

This chart shows the amount of data scanned in Megabytes over the past 30 days.

API requests

The illustration below documents the number of API requests over the past 30 days.

Most matching YARA rules

YARA rules that matched most on files scanned on YARAify in the past 14 days.

Task countYARA RuleAuthorLast match
1'852'467maldoc_getEIP_method_1Didier Stevens (https://DidierStevens.com)2024-07-26
1'845'378meth_get_eipWilli Ballenthin2024-07-26
1'716'226QbotStuffanonymous2024-07-26
1'121'004win_berbew_strings_dec_2023Matthew @ Embee_Research2024-07-26
294'591DebuggerCheck__API2024-07-26
147'862SHA512_Constantsphoul (@phoul)2024-07-26
147'708maldoc_find_kernel32_base_method_1Didier Stevens (https://DidierStevens.com)2024-07-26
147'383malware_shellcode_hashJPCERT/CC Incident Response Group2024-07-26
145'963SEH__vba2024-07-26
143'737DebuggerCheck__QueryInfo2024-07-26
143'384DebuggerException__SetConsoleCtrl2024-07-26
129'529classifiedclassified2024-07-26
112'962BitcoinAddressDidier Stevens (@DidierStevens)2024-07-26
109'638MAL_XMR_Miner_May19_1Florian Roth (Nextron Systems)2024-07-25
109'638MAL_XMR_Miner_May19_1_RID2E1BFlorian Roth2024-07-25

ClamAV Most matching ClamAV signature

ClamAV signature that matched most on files scanned on YARAify in the past 14 days.

Task countClamAV SignatureLast match
1'685'254PUA.Win.Packer.Lccwin-22024-07-26
1'124'450Win.Trojan.Obfus-382024-07-26
1'121'033Win.Trojan.Qukart-6874817-02024-07-26
1'120'811Win.Trojan.Padodor-10016488-02024-07-26
860'498Win.Malware.Qukart-6838239-02024-07-26
351'701SecuriteInfo.com.BackDoor.HangUp.43874.UNOFFICIAL2024-07-26
211'902Win.Trojan.Berbew-9845290-12024-07-26
210'979Win.Trojan.Padodor-9877164-02024-07-26
144'642SecuriteInfo.com.BackDoor.HangUp.43791.UNOFFICIAL2024-07-26
141'310Win.Packed.Razy-10010080-02024-07-26
131'508Win.Trojan.Razy-10016933-02024-07-26
115'903Win.Malware.Renos-10003934-02024-07-26
115'339Win.Packed.Generickdz-10018234-02024-07-26
113'245Win.Trojan.Berbew-10013977-02024-07-26
111'870Win.Trojan.Xmrminer-9974342-02024-07-25

Most seen files

Most seen files scanned by YARAify in the past 14 days.

Task countSHA256 hashLast seen
27134b3d627a1971e0c51869258c92707f3dd2a5b742eee4ac4342e59696d0e794c2024-07-24
17705bf137a20e7234d39b48cac97114aa20c8dd4da8542857092d14a27f29433352024-07-22
1686806728dcfb92c5e551fd0db5e4e35472be44443c502e1827d2943428c2267b62024-07-16
1445ea4d94c695189639e9ab7afe8d76d231030921fbfdd95e1941c7c0a05fb8f032022-02-07
143e0af7f483f4965dca90eb5921ae004a7e41593b39284a63af97a9105b96718e72022-01-06
14323c2d2b0c6cec3e69cb07f942c9e56f2087aeb24015be25823897faafc4708ae2022-02-07
141b3986e04464339cec16157cf8c8bffec3a8a8c5eae57997974d45f5369fa16552021-07-07
140c8c158269c68d6b09d0c8b118b6588302816f2936c193579b35512d6a6af506e2022-02-08
1408718400c6ca71b5afb0534931628b2aace3e5cc515edaa33d1da678f947b5cd42022-02-08
14096994840078a8dbaaa3175c80b72c01c3a7f258be338c94c58672cacf5e47a872022-02-08
14032996a04eeead4de0813ca803033429fd38e0aa4ab8d603508e1d2c6bd38aba72022-02-08
13853c22863323c0f5ff94f4ae86df27a51db4eae7232cc38333346ee8be9df5aa62022-02-07
13887479e089e6852958dab4026e07bc01ed1f31af423b1d26db462ef7493a537f12022-02-08
138cdfb8e3d5bfb32850200759b0d3ccaa83ed5cb661cb2cccedf048d23959663602022-02-08
13739e48a3fc7e67968ff5d6e3cf8e12a7256af93ccabbce4da20d28c79237d95e82022-01-06

Top dhash icon

Top dhash icon observed on files scanned by YARAify in the past 14 days.

Task countdhash iconLast seen
49'033d8d0d4d8ececece42024-07-24
43'36518b1b1b17068c8802024-07-25
39'5571003873db9313e102024-07-26
10'19871e8d4968ecc68f92024-07-25
9'9471003873d31213f102024-07-26
9'11969ccd4d49696cc712024-07-26
4'83900ccc4d0c4fc7c002024-07-26
4'183526e32661e3a2a102024-07-26
4'1549919aca682a881a92024-07-26
3'44704ccfee2ece4a4842024-07-26
2'6322171d95b2b37e2f92024-07-25
2'399e4f0e4a6e4e4e4dc2024-07-25
2'0841001873db9313e102024-07-26
1'85204c988cce6fc70122024-07-24
1'719b298acbab2ca7a722024-07-26

Top imphash

Top imphash observed on files scanned by YARAify in the past 14 days.

Task countimphashLast seen
569'2896db997463de98ce64bf5b6b8b0f77a452024-07-25
374'0824dcbc0931c6f88874a69f966c86889d92024-07-25
336'07846f03ef2495b21d7ad3e8d36dc03315d2024-07-25
208'533c9246f292a6fdc22d70e6e581898a0262024-07-25
110'044e4742a62fda2e64b586a5b84efe3f0402024-07-25
53'53191f4b88d25daa33c7443253d9beb1bb32024-07-26
45'2495d6cad172c5535e4b6b6bbd2465716212024-07-26
35'3683f8d79e42b0b7cecf379b1ddce4e422a2024-07-25
29'5291a611a7df1f3828b0157c4725145a7212024-07-24
25'88487914047e74de74a89c530e3bb19409e2024-07-25
21'353c06ddfbe3366daddf0cfd3e63c1b53902024-07-26
18'866be6fa16f501de575a1d8eaaac5246ba02024-07-25
14'509f34d5f2d4577ed6d9ceec516c1f5a7442024-07-26
9'529dae02f32a21e03ce65412f6e56942daa2024-07-26
9'22088478c1f74f94f7e1e9654193a1e02b32024-07-26

Top tlsh

Top tlsh observed on files scanned by YARAify in the past 14 days.

Task counttlshLast seen
271T133152322569A4BACF60AC766BF1F72C6D11FFC9316C83EF6141C6CC44D51C68A82E5AC2024-07-24
177T159962320611DEC9DD6DF82B91B6F7C6C231E70FABCC46B511E24C35DE951BBAC88244A2024-07-22
168T1A69423E0C31D9DD8F882EADDC71778E2406CB477E75635C548A422167C6CEBCC1A86AE2024-07-16
143T1C8E052F688E090AC080023A82BDF2CA5437B03BD00202A0BF20BA04D022DF72E30A3F02021-07-07
143T10016DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
143T1B5033E9736E31000FB09BE35C654834FEF06CF59B97A9B4ED39826C72371A78629E0592022-02-07
140T1EF16DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
140T153819E61842314C4F557CFF0D61BD82AAFA5334684584E1123E0606A4BCF60427041E32022-02-07
140T1D7819E61842314C4F557CEF4D51BE869BFA5734550584E1423E0705A4BCBA1427551A32022-02-08
138T160030B9736E31000FB09BE32E554C24FEF06CF59B976974ED39826C72350A78662E45B2022-02-07
136T1CF11126B87EAFEF1E14C00B0160B8B003329C42407E2974B4AA6012ABCA18BC4C96C012021-07-07
135T1E0D4642D0327604ED089F036233FDA9A7A06ACBF5F78B775F581254EBDE15CB806A5242022-08-22
135T16211801BC7D1ADF1C44C01700F5786041735D42453D583574E94047EFC561BC6CD6C062021-07-08
133T176E48D61F185C075E0F116B0A6FE7A5B146C2975471D38E3EB98BEC929740F27A3C28B2021-08-11
133T133E48D51F185C076E0F116B0A6FE7A5B146C2975471D38E3EB98BEC929740F27A3C28B2021-08-11

Top telfhash

Top telfhash observed on files scanned by YARAify in the past 14 days.

Task counttelfhashLast seen
18t1cb6224b419fa30f0a1d7da47f362f0b46e33087966d875b015267d45dfe4e850c6a82b2024-07-23
14t157110e13a0b9ca282bf348249dbc07f005502b23a782be71bf0ac5c49437002a875d9b2024-07-15
13t1ed6211b059fe39b0a6d6da42f362f0b46a3708b856fd31b015327e86dfd4d440c7a81a2024-07-23
12t13c21ed32573851266a61cd64dcfd93e2152986522384bb77cf22c4cc540e04ada3ac4f2024-07-25
11t1bc3111b19679512a59a1ec68edde5bb2511a96172340fe33ee21c0cc380a44fe52bc0f2024-07-25
11t11111c013a1fa86192bf65924ac7c47f11550262373467e717f0ec6c4593b003b979ddb2024-07-22
10t1e441b2181e7817f097355c5e099cfb76d6a330db7e162c338e61e86ae768a838d11c0c2024-07-25
10t19c210013a1fa8a281bf35920adbc43b015502b237246be71bf0dc5c4593b003b579ddb2024-07-25
10t1785132b438253994b2fbba3ab30af991ac71095419e131d1dd73b8e2de167c40e728322024-07-25
10t14c212e352a2096296d61cda48ded53b2112853132384af33df35c0cc601a0dae63ec4f2024-07-17
9t1675123fb5d7e08ecf3d05844c36e0fd2255adb7b146076b245a368a523e7d8150bac3a2024-07-25
8t1ee11dd12a1fa86182bf65924ac7c47f115502a2373867e717f0ec6c4593b003b979ddb2024-07-22
8t13321fe46a1fa86285eb76820adbc47b5085217137652bf706f09c5c01c7b002a93addb2024-07-21
8t1ad11e113a0b9ca286bf758349dbc47f105512b23b746be71bf0ac5c49537002b975d9b2024-07-15
7t1d221ca32573952266961dc64dcee93a2142982622784bb77cf22c4cc641e05aea3ac4f2024-07-25

File Scans

The chart below shows the number of file scans conducted by YARAify over the past 12 months.

Data Scanned

This chart shows the amount of data scanned in Megabytes over the past past 12 months.

API requests

The illustration below documents the number of API requests over the past past 12 months.

Most matching YARA rules

YARA rules that matched most on files scanned on YARAify in the past 12 months.

Task countYARA RuleAuthorLast match
34'185'223maldoc_getEIP_method_1Didier Stevens (https://DidierStevens.com)2024-07-26
34'057'524meth_get_eipWilli Ballenthin2024-07-26
31'633'687QbotStuffanonymous2024-07-26
9'462'029win_berbew_strings_dec_2023Matthew @ Embee_Research2024-07-26
4'933'451DebuggerCheck__API2024-07-26
2'595'894maldoc_find_kernel32_base_method_1Didier Stevens (https://DidierStevens.com)2024-07-26
2'343'016NETmalware-lu2024-07-26
2'095'562UPXV200V290MarkusOberhumerLaszloMolnarJohnReisermalware-lu2024-07-26
1'947'353SHA512_Constantsphoul (@phoul)2024-07-26
1'876'519malware_shellcode_hashJPCERT/CC Incident Response Group2024-07-26
1'869'383UPXv20MarkusLaszloReisermalware-lu2024-07-26
1'593'683DebuggerException__SetConsoleCtrl2024-07-26
1'376'359DebuggerCheck__QueryInfo2024-07-26
1'344'397vmdetectnex2024-07-26
1'320'818SEH__vba2024-07-26

ClamAV Most matching ClamAV signature

ClamAV signature that matched most on files scanned on YARAify in the past 12 Mmonths.

Task countClamAV SignatureLast match
32'695'203PUA.Win.Packer.Lccwin-22024-07-26
21'925'890Win.Trojan.Obfus-382024-07-26
18'193'405Win.Trojan.Qukart-6874817-02024-07-26
13'481'164Win.Malware.Qukart-6838239-02024-07-26
12'973'041Win.Trojan.Padodor-10016488-02024-07-26
7'342'494Win.Trojan.Padodor-9877164-02024-07-26
2'993'951Win.Trojan.Berbew-10013977-02024-07-26
2'780'252Win.Trojan.Berbew-9845290-12024-07-26
2'777'937Win.Packed.Razy-10010080-02024-07-26
2'732'718Win.Trojan.Crypted-292024-07-25
2'714'691Win.Trojan.Crypted-302024-07-25
2'378'639Win.Packed.Lazy-10005437-02024-07-26
1'889'380Win.Trojan.Crypted-282024-07-25
1'833'517Win.Malware.Renos-10003934-02024-07-26
1'803'526Win.Trojan.Razy-10015064-02024-07-26

Most seen files

Most seen files scanned by YARAify in the past 12 months.

Task countSHA256 hashLast seen
3'362a4ec9fd2488f0b1734317beb74e1524838d0f7c907eb4e452d7cf40c03c7e5dd2021-07-08
3'354b3986e04464339cec16157cf8c8bffec3a8a8c5eae57997974d45f5369fa16552021-07-07
3'351e0af7f483f4965dca90eb5921ae004a7e41593b39284a63af97a9105b96718e72022-01-06
3'34139e48a3fc7e67968ff5d6e3cf8e12a7256af93ccabbce4da20d28c79237d95e82022-01-06
3'3081115b6c913a207b9d81f8482613b2a9c2929ca81399861d2d2c47422e244060d2022-02-07
3'28423c2d2b0c6cec3e69cb07f942c9e56f2087aeb24015be25823897faafc4708ae2022-02-07
3'27487479e089e6852958dab4026e07bc01ed1f31af423b1d26db462ef7493a537f12022-02-08
3'2365ea4d94c695189639e9ab7afe8d76d231030921fbfdd95e1941c7c0a05fb8f032022-02-07
3'228c8c158269c68d6b09d0c8b118b6588302816f2936c193579b35512d6a6af506e2022-02-08
3'2278718400c6ca71b5afb0534931628b2aace3e5cc515edaa33d1da678f947b5cd42022-02-08
3'220cdfb8e3d5bfb32850200759b0d3ccaa83ed5cb661cb2cccedf048d23959663602022-02-08
3'21896994840078a8dbaaa3175c80b72c01c3a7f258be338c94c58672cacf5e47a872022-02-08
3'21653c22863323c0f5ff94f4ae86df27a51db4eae7232cc38333346ee8be9df5aa62022-02-07
3'157b1bce9d29dc58cf8e53382c61d200610a8200708cd32713b63b18b260db9bfa82022-02-09
3'1308c251ccc6eb0591c58ad3337729bcce081d8d65557523d21a6aee9cd6523d59f2022-02-07

Top dhash icon

Top dhash icon observed on files scanned by YARAify in the past 12 months.

Task countdhash iconLast seen
530'25869ccd4d49696cc712024-07-26
384'026d8d0d4d8ececece42024-07-24
296'2511003873db9313e102024-07-26
215'250818da080a0a0a0a22024-07-26
108'6781003873d31213f102024-07-26
108'4045ab3a5b332c482a02024-07-26
102'01118b1b1b17068c8802024-07-25
99'082b298acbab2ca7a722024-07-26
92'7359919aca682a881a92024-07-26
82'175526e32661e3a2a102024-07-26
80'41700ccc4d0c4fc7c002024-07-26
72'521f8f0f4c8c8c8d8f02024-07-26
55'57204ccfee2ece4a4842024-07-26
52'56371e8d4968ecc68f92024-07-25
41'176e9f4aa8accc6c6642024-07-26

Top imphash

Top imphash observed on files scanned by YARAify in the past 12 months.

Task countimphashLast seen
12'060'41546f03ef2495b21d7ad3e8d36dc03315d2024-07-25
8'956'9486db997463de98ce64bf5b6b8b0f77a452024-07-25
6'611'9784dcbc0931c6f88874a69f966c86889d92024-07-25
2'816'944c9246f292a6fdc22d70e6e581898a0262024-07-25
1'669'809e4742a62fda2e64b586a5b84efe3f0402024-07-25
849'8962c2ad1dd2c57d1bd5795167a7236b0452024-07-25
812'66587914047e74de74a89c530e3bb19409e2024-07-25
731'39491f4b88d25daa33c7443253d9beb1bb32024-07-26
518'206a3df475500e5e30f4680b397c2ee13f12024-07-26
452'1073f8d79e42b0b7cecf379b1ddce4e422a2024-07-25
421'373f34d5f2d4577ed6d9ceec516c1f5a7442024-07-26
262'869dae02f32a21e03ce65412f6e56942daa2024-07-26
221'7361a611a7df1f3828b0157c4725145a7212024-07-24
180'109c06ddfbe3366daddf0cfd3e63c1b53902024-07-26
154'225be6fa16f501de575a1d8eaaac5246ba02024-07-25

Top tlsh

Top tlsh observed on files scanned by YARAify in the past 14 months.

Task counttlshLast seen
3'364T16211801BC7D1ADF1C44C01700F5786041735D42453D583574E94047EFC561BC6CD6C062021-07-08
3'364T1C8E052F688E090AC080023A82BDF2CA5437B03BD00202A0BF20BA04D022DF72E30A3F02021-07-07
3'358T10016DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
3'348T1EF16DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
3'308T153819E61842314C4F557CFF0D61BD82AAFA5334684584E1123E0606A4BCF60427041E32022-02-07
3'294T1B5033E9736E31000FB09BE35C654834FEF06CF59B97A9B4ED39826C72371A78629E0592022-02-07
3'281T1D7819E61842314C4F557CEF4D51BE869BFA5734550584E1423E0705A4BCBA1427551A32022-02-08
3'231T160030B9736E31000FB09BE32E554C24FEF06CF59B976974ED39826C72350A78662E45B2022-02-07
3'228T10E8132A0832FBA4ADC96847151DEE1E16667307604E5C50161DA26DEDB83AE4EF78C332022-02-08
3'227T1A58162A0432FB74ADC5680B151DEA0E16667707204E5CA0551C916ADDB829F0EF74C332022-02-08
3'222T1DD816250432BB64AEC9A84B0409EA1E13657217214F2C91161CA66DC8B82AF4AF68C332022-02-08
3'218T1688141C1405F2A7CF2ED8ABCA20506C43D46B4B324754D651184782DAA23E4C7722A332022-02-08
3'216T1BD812B4525A230CAC056C270ED52C158ABD9BC37AF44D3BBF1B90FDD83112451CC1B0B2022-02-07
3'159T15B8193C992427125F5E380F0462798F237893566B1AE8AD402CEA83C28039C0C758A372022-02-09
3'121T1F9033F8736E31004BB09BE35C754834FEF46CF59B97A9B4ED39826C72370A78629E0592022-02-07

Top telfhash

Top telfhash observed on files scanned by YARAify in the past 12 months.

Task counttelfhashLast seen
205t18c3112a19679512a5da1ec68edda57b2501a56172350bf33df21c0cc380a44ff527c0f2024-07-21
194t195317722553546142fb3d928acfd56b315222b2363587f716f26c48c49370e2e93dd4f2024-06-06
183t171217622513542182fb3d928acbd567315222b2363597f716f26c4cc49370e2e93ad4f2024-06-06
155t1dd21d0d8885ab05899828810e83f0981595bd257423cedc3bf34d8d20c7e5cdf887d7b2024-06-27
137t17011f01361b6ca1d2bb659348dfc47f016512b236282bf71bf0dc5c88537042b93ad9b2024-07-19
129t17141a2180d7817e0a7356c9d099dfb36d6a330de7e262d338f61e86aab69a435d11c0c2024-07-13
127t141217662513542182fb3d928acbd567315222b2363597f716f26c5cc49370e2f93ad4f2024-06-06
124t18a5106fa2dbe0cfcb3e56c08c74e2ad32a55da7b1951357184a79ca533f3a4080a5c362024-07-13
100t157110e13a0b9ca282bf348249dbc07f005502b23a782be71bf0ac5c49437002a875d9b2024-07-15
94t1ad11e113a0b9ca286bf758349dbc47f105512b23b746be71bf0ac5c49537002b975d9b2024-07-15
91t187313122943546142fb39928acbd56b315222f2363993e716f26c5cc492b0e2e93ad5f2024-07-22
91t14e21324271f68a282bb385245cbc03b5264665232341bf756f0ec5c45837012a534dcb2024-07-05
90t1bc3111b19679512a59a1ec68edde5bb2511a96172340fe33ee21c0cc380a44fe52bc0f2024-07-25
89t18c51acb12aa539d4a2fbeb7a730bd5a4ec340e2004e134d2edb7adf5de063410d658672024-07-13
88t12a21419271f6ca2d3bb389746cbc43b52642b5132741bf75af0ec5c45833052a924ecb2024-07-05