YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash ca6bf8e3055340a30ff292996dc06050a3c4fdd5c6e355f11988256dca9112f6.

Scan Results


SHA256 hash: ca6bf8e3055340a30ff292996dc06050a3c4fdd5c6e355f11988256dca9112f6
File size: 249'996 bytes
MIME type: application/x-dosexec
MD5 hash: fd8a5613bd9dac1596cba146f88270e6
SHA1 hash: 3724aca088f721d8517c68d545500f9766e63584
SHA3-384 hash: ae783943839fb45d6f60bfac759a999a3a433bd76797df1f9bfd851267049dce7185eb610a7fe1f0d53638ceaf25c4cc
First seen: 2024-10-02 12:13:53 UTC
Last seen: Never
Sightings: 1
imphash: 2f0d49879c9c669bae9b5156b9231d00
ssdeep: 6144:EMJmpNgDooSGTvb2k/fJq8DncxsBO7F/bOCbtzMI:3J4gkoSGTRfI8DncC0NFbtzMI
TLSH: n/a
telfhash: n/a
gimphash: n/a
dhash icon: 70c8b4b6ccfc71b2

Tasks


There is 1 task on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID: ca86a5eb-80b7-11ef-b6ec-42010aa4000b
File name: fd8a5613bd9dac1596cba146f88270e6
Task parameters:
ClamAV scan: True
Unpack: False
Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

Signature: SecuriteInfo.com.HackTool.Win32.SuperScan.AA.12456.6191.UNOFFICIAL
Signature: Win.Trojan.Agent-6240252-0

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: superscan3_0
Author: Florian Roth
Description: Disclosed hacktool set (old stuff) - file superscan3.0.exe
TLP: TLP:WHITE
Repository: Neo23x0

Rule name: superscan3_0
Author: Florian Roth (Nextron Systems)
Description: Disclosed hacktool set (old stuff) - file superscan3.0.exe
TLP: TLP:WHITE
Repository: Neo23x0

Rule name: UPX293300LZMAMarkusOberhumerLaszloMolnarJohnReiser
Author: malware-lu
TLP: TLP:WHITE
Repository:

Rule name: UPXV200V290MarkusOberhumerLaszloMolnarJohnReiser
Author: malware-lu
TLP: TLP:WHITE
Repository:

Rule name: UPXv20MarkusLaszloReiser
Author: malware-lu
TLP: TLP:WHITE
Repository:

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.