YARAify Scan Results
You are viewing the YARAify database entry for the file with the SHA256 hash 9740b0c4e7b3a752b8f5bbc972d49cfe1577b5ad636f27ca4652e876676a8208.
Scan Results
| SHA256 hash: | 9740b0c4e7b3a752b8f5bbc972d49cfe1577b5ad636f27ca4652e876676a8208 | |
|---|---|---|
| File size: | 7'001'600 bytes | |
| File download: | Original | |
| MIME type: | application/x-dosexec | |
| MD5 hash: | 74c152d64f3717a1458e80078d83d72b | |
| SHA1 hash: | 18bf296f5a73f5ab38b90ef5b623131dc1838479 | |
| SHA3-384 hash: | 91007f491800563eced0d268040c6f01a30591a97947f74a3d19a1fbd6ea04632b54e3c2f25bf255d0cd9596ebc8a228 | |
| First seen: | 2022-01-11 05:55:48 UTC | |
| Last seen: | Never | |
| Sightings: | 1 | |
| imphash : | n/a | |
| ssdeep : | 49152:69sua0vU/WUSji5sDP7Ls49md7UPcYjMKAeGgp7aqBhPzRZ9bjgtKrknZ/9DATCU:udVUjsXw49mBMEgp7LzRZ5jgYc/hb00 | |
| TLSH : | n/a | |
| telfhash : | n/a | |
| gimphash : | n/a | |
| dhash icon : | n/a | |
Tasks
There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.
Task Information
| Task ID: | bdb1688f-36b9-11f0-9b97-42010aa4000b | |
|---|---|---|
| File name: | rescan_7a97d | |
| Task parameters: | ClamAV scan: | True |
| Unpack: | False | |
| Share file: | False | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
| Signature: | Win.Trojan.Generic-9909088-0 |
|---|
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
| Rule name: | golang_bin_JCorn_CSC846 |
|---|---|
| Author: | Justin Cornwell |
| Description: | CSC-846 Golang detection ruleset |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | NET |
|---|---|
| Author: | malware-lu |
| TLP: | TLP:WHITE |
| Repository: |
| Rule name: | pe_no_import_table |
|---|---|
| Author: | |
| Description: | Detect pe file that no import table |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
| Rule name: | Sus_Obf_Enc_Spoof_Hide_PE |
|---|---|
| Author: | XiAnzheng |
| Description: | Check for Overlay, Obfuscating, Encrypting, Spoofing, Hiding, or Entropy Technique(can create FP) |
| TLP: | TLP:WHITE |
| Repository: | YARAify |
Unpacker
The following YARA rules matched on the unpacked file.
Disabled by submitter
Unpacked Files
The following files could be unpacked from this sample.
Disabled by submitter
Task Information
| Task ID: | 2041c4fb-72a3-11ec-99bf-42010aa4000b | |
|---|---|---|
| File name: | 74c152d64f3717a1458e80078d83d72b | |
| Task parameters: | ClamAV scan: | False |
| Unpack: | False | |
| Share file: | False | |
ClamAV Results
The file matched the following open source and commercial ClamAV rules.
Disabled by submitter
YARA Results
Static Analysis
The following YARA rules matched on the file (static analysis).
No matches
Unpacker
The following YARA rules matched on the unpacked file.
Disabled by submitter
Unpacked Files
The following files could be unpacked from this sample.
Disabled by submitter