YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash f05071d61f42788aa3b96b15f70244ae422f5f5230b08dafcc2618cc67e883ad.

SHA256 hash:	f05071d61f42788aa3b96b15f70244ae422f5f5230b08dafcc2618cc67e883ad
File size:	19'701'248 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	9839d675336bb8b1a3e90227bca394aa
SHA1 hash:	be2f48460373332bf918f4b5a46362621e0ca3cd
SHA3-384 hash:	bb1687450492ba0617e9de9ba56b18835eae4bb9c1ef6df0a6e94be946a4052ea85678087987dd39e3ded12b8dbd0589
First seen:	2024-10-03 06:15:28 UTC
Last seen:	Never
Sightings:	1
imphash :	f34d5f2d4577ed6d9ceec516c1f5a744 Create hunting rule
ssdeep :	3072:picAupjF+FyFEF+FyFuF+FyF9F+FyFEF+FyFuF+FyFUF+FyFEF+FyFuF+FyFSF+8:picnFEyH5bW
TLSH :	n/a
telfhash :	n/a
gimphash :	n/a
File icon (PE):
dhash icon :	f88ea22525a28ef8 Create hunting rule

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

No matches

The following YARA rules matched on the file (static analysis).

Rule name:	CrimsonRAT Create hunting rule
Author:	Still
Description:	Matches CrimsonRAT
TLP:	TLP:WHITE
Repository:	YARAify

Rule name:	pe_imphash Create hunting rule
TLP:	TLP:WHITE
Repository:	MalwareBazaar

Rule name:	Skystars_Malware_Imphash Create hunting rule
Author:	Skystars LightDefender
Description:	imphash
TLP:	TLP:WHITE
Repository:	MalwareBazaar

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2024-10-03 06:15:28 UTC Static: 4 Unpacker: 0 ClamAV: 0