YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash abee7fcd87df65f8be734a4778b8195fbce74a41eac31f76de0bcdda821b7449.

SHA256 hash:	abee7fcd87df65f8be734a4778b8195fbce74a41eac31f76de0bcdda821b7449
File size:	9'568'256 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	c37eeefe0dc47e60769a3519a4b0cdbf
SHA1 hash:	c509ea1a4f8c6c797f7c974f1ed230c23009ca57
SHA3-384 hash:	41c4281bd5463dcda9dd0512bb65899b05e257c81040b6e86e488a019e00165c6ed5a12a8ce3db9be3102b629c2967c9
First seen:	2024-03-22 16:45:44 UTC
Last seen:	Never
Sightings:	1
imphash :	69c7c7113e5c24eda281fb791c8d2026 Create hunting rule
ssdeep :	196608:Cf1ncO4U8SCYw4N9vpDLSRCOQWOcxCeccXPAZLi3m38NuPyRqhh4I+V:oWS+IRDOYWTccXP6LmNuPyqhvA
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

Signature:	Win.Trojan.Revell-1 Create hunting rule

Signature:	Win.Worm.Bloored-9940820-0 Create hunting rule

Signature:	YARA.telnet_cgi.UNOFFICIAL Create hunting rule

The following YARA rules matched on the file (static analysis).

Rule name:	telnet_cgi Create hunting rule
Author:	Neo23x0 Yara BRG + customization by Stefan -dfate- Molls
Description:	Semi-Auto-generated - file telnet.cgi.txt
TLP:	TLP:WHITE
Repository:	Neo23x0

Rule name:	without_urls Create hunting rule
Author:	Antonio Sanchez <asanchez@hispasec.com>
Description:	Rule to detect the no presence of any url
Reference:	http://laboratorio.blogs.hispasec.com/
TLP:	TLP:WHITE

Rule name:	yara_template Create hunting rule
TLP:	TLP:WHITE
Repository:	MalwareBazaar

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2024-03-22 16:45:44 UTC Static: 4 Unpacker: 0 ClamAV: 3