YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash f2f8cbc00a79ddfe87a7e26ce4ac054468bcc449ac675993f2383a883e44f27a.

SHA256 hash:	f2f8cbc00a79ddfe87a7e26ce4ac054468bcc449ac675993f2383a883e44f27a
File size:	3'682'096 bytes
File download:	Original
MIME type:	application/x-dosexec
MD5 hash:	0a6cc7be44c55ed96dd88f6cbf0133e5
SHA1 hash:	c5d91cf4e00263e2638ea3086663680888037cdf
SHA3-384 hash:	ff53730f4eceb9debda77764de87118eb683b930ca9a457007bbd624f724b3841b68175f04e6466828f89b8bbf392062
First seen:	2022-07-15 04:01:02 UTC
Last seen:	Never
Sightings:	1
imphash :	c284fa365c4442728ac859c0f9ed4dc5 Create hunting rule
ssdeep :	98304:kCeieU31vwoePs9oD/xcWJHaTyKMgv+XAYO8j3wF0o3LJVMz2:kCt316HVcWhcMm+Q2j3Q04Jj
TLSH :	T1B9063375E38B755EC3446732BEB2B9070F08B0144D86F48CD6AAD4A79C86B0F4B3E665 Create hunting rule
telfhash :	n/a
gimphash :	n/a
dhash icon :	n/a

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

The file matched the following open source and commercial ClamAV rules.

Signature:	PUA.Win.Packer.Asprotect-3 Create hunting rule

Signature:	Win.Malware.Asprotect-9938920-0 Create hunting rule

Signature:	Win.Packed.Asprotect-9937506-0 Create hunting rule

Signature:	Win.Packed.Asprotect-9937507-0 Create hunting rule

Signature:	Win.Packed.Asprotect-9937518-0 Create hunting rule

The following YARA rules matched on the file (static analysis).

Rule name:	Sectigo_Code_Signed Create hunting rule
Description:	Detects code signed by the Sectigo RSA Code Signing CA
Reference:	https://bazaar.abuse.ch/export/csv/cscb/
TLP:	TLP:WHITE
Repository:	Sandnet

The following YARA rules matched on the unpacked file.

Disabled by submitter

The following files could be unpacked from this sample.

Disabled by submitter

2022-07-15 04:01:02 UTC Static: 1 Unpacker: 0 ClamAV: 5