Authenticate for API access | If you are experiencing issues with receiving data from abuse.ch platforms via API, please ensure your requests are authenticated. ➡️ Read here for more info

Statistics

YARAify produces detailed statistics on files scanned, including associated detections - find the available statistics below.

You can also access Spamhaus's Malware Digest report, based on YARAify data:

File Scans

The chart below shows the number of file scans conducted by YARAify over the past 30 days.

Data Scanned

This chart shows the amount of data scanned in Megabytes over the past 30 days.

API requests

The illustration below documents the number of API requests over the past 30 days.

Most matching YARA rules

YARA rules that matched most on files scanned on YARAify in the past 14 days.

Task countYARA RuleAuthorLast match
2'106'144CP_AllMal_DetectorDiegoAnalytics2025-10-08
183'705vmdetectnex2025-10-12
127'688NETmalware-lu2025-10-12
119'115golang_bin_JCorn_CSC846Justin Cornwell2025-10-12
111'492CP_Script_Inject_DetectorDiegoAnalytics2025-10-12
94'108DebuggerCheck__API2025-10-12
89'540FreddyBearDropperDwarozh Hoshiar2025-10-12
68'562Sus_CMD_Powershell_UsageXiAnzheng2025-10-12
55'407DetectEncryptedVariantsZinyth2025-10-12
55'376MD5_Constantsphoul (@phoul)2025-10-12
49'446ThreadControl__Context2025-10-12
47'679SHA1_Constantsphoul (@phoul)2025-10-12
47'679RIPEMD160_Constantsphoul (@phoul)2025-10-12
42'397pe_detect_tls_callbacks2025-10-12
38'466UPXV200V290MarkusOberhumerLaszloMolnarJohnReisermalware-lu2025-10-12

ClamAV Most matching ClamAV signature

ClamAV signature that matched most on files scanned on YARAify in the past 14 days.

Task countClamAV SignatureLast match
66'418Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-02025-10-12
46'958PUA.Win.Packer.Lccwin-22025-10-12
31'555Win.Trojan.Obfus-382025-10-12
30'819SecuriteInfo.com.BackDoor.HangUp.43914.UNOFFICIAL2025-10-12
29'757SecuriteInfo.com.PDF.URI-55.UNOFFICIAL2025-10-12
24'647Win.Malware.Qukart-6838239-02025-10-12
23'812Win.Trojan.Qukart-6874817-02025-10-12
23'811Win.Trojan.Padodor-10016488-02025-10-12
22'366Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-02025-10-12
15'917SecuriteInfo.com.BackDoor.HangUp.44049.10213.32330.UNOFFICIAL2025-10-12
15'866Win.Trojan.Padodor-9877164-02025-10-12
14'192SecuriteInfo.com.BackDoor.HangUp.43791.UNOFFICIAL2025-10-12
14'127SecuriteInfo.com.PUA.Telegrambot-7.UNOFFICIAL2025-10-12
13'912SecuriteInfo.com.BackDoor.IRC.Tdongs.13538.21428.UNOFFICIAL2025-10-12
13'608SecuriteInfo.com.Trojan.DownLoader9.42839.UNOFFICIAL2025-10-12

Most seen files

Most seen files scanned by YARAify in the past 14 days.

Task countSHA256 hashLast seen
1'7394cc06421248086d6b39b9af81bf78875a1ddad4b61d8acb1cb80f041baf598e42025-09-28
92128c29cb2e04e566912030546c78f056d630bb548508987612e6ad3f71ab8c83d2025-09-30
879d988d6a5937fdac03fd8e5fd5acea52973423d0e209f603107104c04b72d779c2025-09-30
757990f35822641e527fac14072ac7b52960426c2fd14b33c3745a0fb0676af00072025-10-01
6351a35399fc64a6eeae59b497b29293cf2e395e0b5925405eea8442addcb6518872025-09-25
482f3f091e730f6653dd039fd55f27c66acaa30b0c97d7982630a4c7bb5fdee24722025-10-02
3093bee0b067e35450783deb2fe8683042c55b060953e7ec78587fc8c94591ce0342024-09-27
2533f51f41c53333d9c02831230c7e39a784b035b8426ead9b0ce1372025eee930c2025-09-30
2407b05d493c04cacd862db1bd974f6392485840793fd6087e49cd8b0f8f2e23cb32025-09-30
184acb86042d97e935463c9c5e0036a24b8944b3bcbe8609929930b3fb67742bee02025-09-25
156edb0c4e65c501671a7ba72f108798f8ec36e47e4e86c8ca8406f19f4af7bd3632025-03-05
1545c4d7270bb8923af5e914e087eb04857b5a39b25f20fd169f260fff4a95c25372025-03-05
14239e48a3fc7e67968ff5d6e3cf8e12a7256af93ccabbce4da20d28c79237d95e82022-01-06
142e0af7f483f4965dca90eb5921ae004a7e41593b39284a63af97a9105b96718e72022-01-06
1405d321d61ab309b66e4a43518c951fdd8f5508cfaf6a9618f61a7160da8b751e72025-09-30

Top dhash icon

Top dhash icon observed on files scanned by YARAify in the past 14 days.

Task countdhash iconLast seen
12'31702c0b0746c60b0182025-10-12
6'27100ccc4d0c4fc7c002025-10-12
3'34469ccd4d49696cc712025-10-12
3'2681003873d31213f102025-10-12
3'05904ccfee2ece4a4842025-10-12
2'3191003873db9313e102025-10-12
2'299818da080a0a0a0a22025-10-12
2'25500ccc4d0c4fcfc452025-10-12
1'96268d4965417aad4e12025-10-12
1'806b9696969606c74ec2025-10-12
1'625e9f4aa8accc6c6642025-10-12
1'36500928e8e8686b8002025-10-12
1'254e0f0e48c8ca4c0e02025-10-12
1'199399998ecd4d46c0e2025-10-12
9911003873db9313e162025-10-12

Top imphash

Top imphash observed on files scanned by YARAify in the past 14 days.

Task countimphashLast seen
15'24946f03ef2495b21d7ad3e8d36dc03315d2025-10-12
13'549dae02f32a21e03ce65412f6e56942daa2025-10-13
11'37976515d04dff07b5b4a25c41ca10134842025-10-13
9'692f34d5f2d4577ed6d9ceec516c1f5a7442025-10-13
8'6433f8d79e42b0b7cecf379b1ddce4e422a2025-10-12
6'610c9246f292a6fdc22d70e6e581898a0262025-10-12
6'1614dcbc0931c6f88874a69f966c86889d92025-10-12
5'6556db997463de98ce64bf5b6b8b0f77a452025-10-12
4'91487914047e74de74a89c530e3bb19409e2025-10-12
3'62291f4b88d25daa33c7443253d9beb1bb32025-10-13
3'2635d6cad172c5535e4b6b6bbd2465716212025-10-12
3'1895af7b7a29b6ca9cf4b52f600adcaa68b2025-10-13
3'163a3df475500e5e30f4680b397c2ee13f12025-10-13
3'123f481ea8169d367d8b0e94d0bf02da2202025-10-13
2'70633f98db5bdb6a7013d52f0120248df352025-10-12

Top tlsh

Top tlsh observed on files scanned by YARAify in the past 14 days.

Task counttlshLast seen
1'306T129C3E1A813348859E4596665FB00ADAE45DE30F9494F71963E3C85CE078AF23B070EFA2025-10-11
921T121826CF3E9B55A8DD881CB9798293DD600ADB427E3C83C91107A87C27989F9CF5012DB2025-09-30
879T102B2AD0A3107D0A4EF4B66C9BB2EFCA2214AB30F45889D220D6C8D579557FF5F56D0C22025-09-30
166T190C46C2AA4604176E4F5213121FE7A672CBD2E6443ED24D377A05E8D6DA41F3B2381EF2021-11-18
154T19C039D79F48D1C8CE5C3C7CBE1F63CAEA56F72229ACCB5C224B54B123C1A44567652A32025-03-05
154T165B4223FE8150C66E8CECBB4FF25F80E1386731436C7B5C264720E627769A8DA55229C2025-03-05
141T10016DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
141T1EF16DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
140T1C8E052F688E090AC080023A82BDF2CA5437B03BD00202A0BF20BA04D022DF72E30A3F02021-07-07
133T1E9922804E78E6763C5EC02BFC8E3B7956BF485BC8A07F39B3C8810950E4A7D64812A472022-01-07
133T1AB41F0FE60E5109CF65823411BCF2CCA458733F10A3B19A3967C1944FA9473F1D7A29A2022-07-27
133T19F816621E7A80627D4EB4734A5F347122BB0E950AA73D73F09944129AEF57104F63B712022-01-30
132T18E031A44A75D9773CBAD06FEF8F3762102F499A9BA07E34B6CCC60A059427F447109AB2022-01-07
132T13CB21A00579DDB33CAFE05BED9F76A1803B0C9662B4AF31E7C881169AD567DB090258B2022-06-06
132T1C5D66B68E683D8F6DC4207754087BAAF22B8A770C779CE27DA046C58DB37E9645373062025-07-20

Top telfhash

Top telfhash observed on files scanned by YARAify in the past 14 days.

Task counttelfhashLast seen
33t1d9417452997897241ff39928bcad97730212a62393763e72af39c0cc54220b0e539d5f2025-10-13
26t19421be12cfed1dcc27e0c255059e861e59e931f42715725a9f7e1faf0897ec0750a43a2025-09-29
22t11df0c084fe764f1589e1a574dcac0360ed436126a562ab20ef52cad0883e149d70cd1d2025-10-11
22t12e11401a8f942e4eaff4000e869ea21b547075592f2b78538c2a752b93831c2f06dc532025-10-11
21t13e512148943c05d9ee731c2968696ba35983f52a22e5bb28ff1acdc0084e42df264d0f2025-10-06
20t1d8f022b0072622115649cbdc84ddb317022c8a0ba74eee37fc31042d21084ecd136c8f2025-10-11
20t173111069cfd8159e2fe08244e15db44e9a74726d1f6735925d756a8fd1428e3306cc202025-10-11
20t17951bbb0399939d8a2fbfb37730be9a45cb50a6015e172d1ceb769e2de417840cb14632025-10-11
20t1564165181e7817b063356c4e159cef3b96a320db7e176c378e51e86aab699835d10c0c2025-10-11
20t1e1d0a7d19e681c48e9f4805dc4ef61679340b5d17f1494877df16d029a320c9703110e2025-10-11
20t10751b1fa6dba08ecfbd0a804c75e5bd33669ca7b153025b0406398b532f79954475c3a2025-10-11
20t178310071567851269aa1ec64d9ed97b2652ac7171340ff32df26c0cc281a449f62ac0f2025-10-11
19t10241bfb3db605627b961c454cafe57a6261dd21a1754ffb3df15848c102a04fa43bc2f2025-10-10
19t1d9e06800fd699a1ca9d39670ed5902b6a2022233b61b0b11cfe4cbd0843b004b60de9e2025-10-10
19t13611d04270b6891d2bb659245cbc42b5165536236381be75bf0ec5c45537002ba79e8b2025-09-29

File Scans

The chart below shows the number of file scans conducted by YARAify over the past 12 months.

Data Scanned

This chart shows the amount of data scanned in Megabytes over the past past 12 months.

API requests

The illustration below documents the number of API requests over the past past 12 months.

Most matching YARA rules

YARA rules that matched most on files scanned on YARAify in the past 12 months.

Task countYARA RuleAuthorLast match
57'362'704Sus_Obf_Enc_Spoof_Hide_PEXiAnzheng2025-09-16
12'272'912CP_AllMal_DetectorDiegoAnalytics2025-10-08
5'600'329golang_bin_JCorn_CSC846Justin Cornwell2025-10-12
4'955'861DebuggerCheck__API2025-10-12
4'485'375SEH__vba2025-10-12
3'791'573vmdetectnex2025-10-12
3'593'539NETmalware-lu2025-10-12
3'102'563pe_detect_tls_callbacks2025-10-12
2'531'845UPXV200V290MarkusOberhumerLaszloMolnarJohnReisermalware-lu2025-10-12
2'328'583RansomPyShield_AntiransomwareXiAnzheng2025-01-04
2'128'911MD5_Constantsphoul (@phoul)2025-10-12
2'113'273RANSOMWAREToroGuitar2025-10-12
2'047'823UPXv20MarkusLaszloReisermalware-lu2025-10-12
1'798'452SHA1_Constantsphoul (@phoul)2025-10-12
1'798'450RIPEMD160_Constantsphoul (@phoul)2025-10-12

ClamAV Most matching ClamAV signature

ClamAV signature that matched most on files scanned on YARAify in the past 12 Mmonths.

Task countClamAV SignatureLast match
22'018'258PUA.Win.Packer.Lccwin-22025-10-12
14'660'083Win.Trojan.Obfus-382025-10-12
13'657'096Win.Trojan.Qukart-6874817-02025-10-12
13'651'701Win.Trojan.Padodor-10016488-02025-10-12
11'732'285Win.Malware.Qukart-6838239-02025-10-12
4'150'943Win.Trojan.Padodor-9877164-02025-10-12
3'916'128SecuriteInfo.com.BackDoor.HangUp.43791.UNOFFICIAL2025-10-12
3'657'842Win.Trojan.Berbew-9845290-12025-10-12
3'331'048SecuriteInfo.com.BackDoor.HangUp.43874.UNOFFICIAL2025-10-12
3'020'652Win.Dropper.Ajku-10014126-02025-10-12
2'990'033Win.Malware.Midie-6847981-02025-10-04
2'903'571Win.Trojan.Barys-10005825-02025-10-12
2'851'153Win.Dropper.Vbclone-10036195-02025-10-12
2'695'555Win.Malware.Generickdz-10004857-02025-10-12
2'690'942Win.Malware.Midie-6848630-02025-10-12

Most seen files

Most seen files scanned by YARAify in the past 12 months.

Task countSHA256 hashLast seen
8'903e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8552021-07-12
4'5795ddfdd55fac3a23673a52fb3a75bed7dee266fb6fc8b10ced3746ab43064aef52025-03-12
3'47669c88b4d5ea84620d1b762d5119fe9293c34e68268e7006cb503b865e963b2512021-07-09
3'461ebd6320e24d47c0d638749a149f14f4c94b1c98afa228dba1f48eea19a2c72572021-07-09
3'46023c2d2b0c6cec3e69cb07f942c9e56f2087aeb24015be25823897faafc4708ae2022-02-07
3'453b3986e04464339cec16157cf8c8bffec3a8a8c5eae57997974d45f5369fa16552021-07-07
3'451e0af7f483f4965dca90eb5921ae004a7e41593b39284a63af97a9105b96718e72022-01-06
3'44739e48a3fc7e67968ff5d6e3cf8e12a7256af93ccabbce4da20d28c79237d95e82022-01-06
3'4155ea4d94c695189639e9ab7afe8d76d231030921fbfdd95e1941c7c0a05fb8f032022-02-07
3'4131115b6c913a207b9d81f8482613b2a9c2929ca81399861d2d2c47422e244060d2022-02-07
3'3904d3a1915ae5f6353bae216494095c50ea2a67dca5db49bd7004476e1d92bb2ff2021-07-08
3'390e9926dc2559ae45dfffbe4628710240c6ad0c56073bd8f8e1a10bed2b29468e92021-07-08
3'37553c22863323c0f5ff94f4ae86df27a51db4eae7232cc38333346ee8be9df5aa62022-02-07
3'36887479e089e6852958dab4026e07bc01ed1f31af423b1d26db462ef7493a537f12022-02-08
3'35732996a04eeead4de0813ca803033429fd38e0aa4ab8d603508e1d2c6bd38aba72022-02-08

Top dhash icon

Top dhash icon observed on files scanned by YARAify in the past 12 months.

Task countdhash iconLast seen
1'344'54618b1b1b17068c8802025-10-12
573'34158b1b1b17068c8802025-10-12
435'98300ccc4d0c4fc7c002025-10-13
314'51704ccfee2ece4a4842025-10-13
313'6761003873d31213f102025-10-13
216'5261003873db9313e102025-10-13
145'206d8d0d4d8ececece42025-10-12
137'48969ccd4d49696cc712025-10-13
128'939e9f4aa8accc6c6642025-10-13
91'549e0f0e48c8ca4c0e02025-10-13
78'879526e32661e3a2a102025-10-13
78'565b298acbab2ca7a722025-10-12
64'865399998ecd4d46c0e2025-10-13
61'302818da080a0a0a0a22025-10-13
57'24902c0b0746c60b0182025-10-13

Top imphash

Top imphash observed on files scanned by YARAify in the past 12 months.

Task countimphashLast seen
4'037'93746f03ef2495b21d7ad3e8d36dc03315d2025-10-13
2'250'3165d6cad172c5535e4b6b6bbd2465716212025-10-14
2'163'6634dcbc0931c6f88874a69f966c86889d92025-10-13
2'103'7566db997463de98ce64bf5b6b8b0f77a452025-10-13
2'048'624c9246f292a6fdc22d70e6e581898a0262025-10-13
1'348'8543f8d79e42b0b7cecf379b1ddce4e422a2025-10-13
827'46087914047e74de74a89c530e3bb19409e2025-10-13
495'604f34d5f2d4577ed6d9ceec516c1f5a7442025-10-14
461'6582640d4b5d04a2d6756ecdf3ec765cc1a2025-08-15
317'51391f4b88d25daa33c7443253d9beb1bb32025-10-14
290'509dae02f32a21e03ce65412f6e56942daa2025-10-14
186'5402c2ad1dd2c57d1bd5795167a7236b0452025-10-13
152'19309d0478591d4f788cb3e5ea416c252372025-10-14
143'802c06ddfbe3366daddf0cfd3e63c1b53902025-10-12
138'44988478c1f74f94f7e1e9654193a1e02b32025-10-14

Top tlsh

Top tlsh observed on files scanned by YARAify in the past 14 months.

Task counttlshLast seen
3'485T138118CABCBE6ACF1C80C10B4070B8D013674883443E1C3170EA5007E7CA22FCD8B6E022021-07-09
3'470T1CCE2F87B94C24337C001EFB60B95C9AEBB736D306564C0E32BD42B1F892B9687D5D4692021-07-09
3'462T190C46C2AA4604176E4F5213121FE7A672CBD2E6443ED24D377A05E8D6DA41F3B2381EF2021-11-18
3'462T1B5033E9736E31000FB09BE35C654834FEF06CF59B97A9B4ED39826C72371A78629E0592022-02-07
3'454T1C8E052F688E090AC080023A82BDF2CA5437B03BD00202A0BF20BA04D022DF72E30A3F02021-07-07
3'449T10016DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
3'447T1EF16DD42A3F94608F6F77F7469B916604E3BBCA6AD79C21C1284505E5EB2E40CDB0B732022-01-06
3'424T160030B9736E31000FB09BE32E554C24FEF06CF59B976974ED39826C72350A78662E45B2022-02-07
3'415T153819E61842314C4F557CFF0D61BD82AAFA5334684584E1123E0606A4BCF60427041E32022-02-07
3'395T1BCE47D21F1C18079E4F5157096FF7A5B246C69A64B2838E3E7987EC928741F27A3C2C72021-07-08
3'395T1FBE47D21F1C18079E4F5157096FF7A5B246C69A64B2838E3E7987EC928741F27A3C2C72021-07-08
3'379T1BD812B4525A230CAC056C270ED52C158ABD9BC37AF44D3BBF1B90FDD83112451CC1B0B2022-02-07
3'372T1D7819E61842314C4F557CEF4D51BE869BFA5734550584E1423E0705A4BCBA1427551A32022-02-08
3'367T13A03389736E31100FB08FE32C554838FEF86CF69B976974AD79826C72350A78621E45E2022-02-08
3'300T16211801BC7D1ADF1C44C01700F5786041735D42453D583574E94047EFC561BC6CD6C062021-07-08

Top telfhash

Top telfhash observed on files scanned by YARAify in the past 12 months.

Task counttelfhashLast seen
5'724t126f09018093456e197116ec8673dff7ad56220ef6a055e378f00fda79b699426e10c0c2025-06-05
1'754t10ab0011070740bb84308e12d5cdcae5679f20cc3fe470c27db6047a159b54434d00d182025-07-15
1'698t186c08c8c0fd401beba7d72a203bef2bf61a072f0be0224920404eb6f074c584028144c2025-07-15
1'206t140317403a83f8f3ac5a298b0dc650765516b5701b4f9d7109f3ca9d06c79016702aacd2025-08-12
628t13611d04270b6891d2bb659245cbc42b5165536236381be75bf0ec5c45537002ba79e8b2025-09-29
495t178310071567851269aa1ec64d9ed97b2652ac7171340ff32df26c0cc281a449f62ac0f2025-10-11
474t10751b1fa6dba08ecfbd0a804c75e5bd33669ca7b153025b0406398b532f79954475c3a2025-10-11
437t12e11401a8f942e4eaff4000e869ea21b547075592f2b78538c2a752b93831c2f06dc532025-10-11
434t1e1d0a7d19e681c48e9f4805dc4ef61679340b5d17f1494877df16d029a320c9703110e2025-10-11
431t1564165181e7817b063356c4e159cef3b96a320db7e176c378e51e86aab699835d10c0c2025-10-11
410t17951bbb0399939d8a2fbfb37730be9a45cb50a6015e172d1ceb769e2de417840cb14632025-10-11
396t173111069cfd8159e2fe08244e15db44e9a74726d1f6735925d756a8fd1428e3306cc202025-10-11
385t1d211020260b689282bb259205cbc42f1165526233341be75bf0ec5c4993b002aa78e8b2025-09-29
379t1fe11104270b6891c2bb259245cbc42b0165532232381be74bf0ec5c05937002ba79e8b2025-09-29
275t157110e13a0b9ca282bf348249dbc07f005502b23a782be71bf0ac5c49437002a875d9b2025-09-18