search

cocaman / yara-scan-service

Repository for scripts and tips for "Yara Scan Service"
Creative Commons Zero v1.0 Universal
20 stars 1 forks source link

Sample found not available on bazaar #4

Closed ruppde closed 1 year ago

ruppde commented 1 year ago

hi Corsin,

scan id 2ca1d32c6a64166719c84f5b92772dc076a9dbd89dd11fcbfdbf7d5521001d36 found 3898332552a72541aac94c9aa2ddb2426c3ae19fce709e4998dc93f5a6dca9e5 but if I follow the supplied link, it says " No records found" ?

https://bazaar.abuse.ch/sample/3898332552a72541aac94c9aa2ddb2426c3ae19fce709e4998dc93f5a6dca9e5/

best regards arnim

cocaman commented 1 year ago

Hey arnim

very likely was the file deleted from MalwareBazaar at some point since YSS has downloaded it. 336K Jul 16 08:00 3898332552a72541aac94c9aa2ddb2426c3ae19fce709e4998dc93f5a6dca9e5.dll

The file was downloaded on July 16th 2022. YSS does not validate if files still exist on MalwareBazaar, as this would potentially cause a heavy load on their system :-/. The file however, is still available on VirusTotal. https://www.virustotal.com/gui/file/3898332552a72541aac94c9aa2ddb2426c3ae19fce709e4998dc93f5a6dca9e5/detection

I hope this helps.

Best regards, Corsin

ruppde commented 1 year ago

ok, wasn't aware that YSS works on a copy of MB, so this occasionally happens.