MalwareBazaar Database
This page shows some basic information the YARA rule Polymorph_BAT_CAB including corresponding malware samples.
Database Entry
| YARA Rule: | Polymorph_BAT_CAB |
|---|---|
| Author: | marcin@ulikowski.pl |
| Description: | Detects polymorphic BAT/CAB files self-extracting payload with extrac32.exe/extract.exe |
| Firstseen: | 2024-06-25 06:46:55 UTC |
| Lastseen: | 2025-11-27 15:09:38 UTC |
| Sightings: | 64 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|