Safe
Text file with zero malicious detections across 16 tier-1 antivirus engines and no external-intelligence corroboration.
13d6476f7d33130a84…03bfdd2426The verdict, reasoned out.
Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.
The sample exhibits a strong clean consensus: 16 tier-1 antivirus vendors (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, Avast, AVG, Avira, DrWeb, Emsisoft, F-Secure, GData, Ikarus, and others) all report it undetected or silent, with zero malicious flags across 59 reporting engines. No external-intelligence sources (CIRCL, MalwareBazaar, YARAify) flagged the sample. The file is unsigned and rare (1 submission), but its text-file classification, benign filename, and absence of any adversarial indicators or heuristic triggers support a safe classification. The lack of sandbox data is immaterial given the overwhelming engine consensus and file-type profile.
Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.
tier1Malicious=0; 16 tier-1 engines (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, Avast, AVG, Avira, DrWeb, Emsisoft, F-Secure, GData, Ikarus, and others) all undetected or silent
prevalence.classification='rare_new' (1 submission, 1 submitter) — newly observed, no established reputation baseline
signing.verified=false; unsigned file; no signer history to cross-reference
externalIntel: CIRCL.hit=false, MalwareBazaar.hit=false, YARAify.ruleCount=0 — no researcher-curated corroboration
fileType='Text', MIME='application/octet-stream' — data/config artifact, not executable; no PE analysis applicable
- 16 tier-1 antivirus engines (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, Avast, AVG, Avira, DrWeb, Emsisoft, F-Secure, GData, Ikarus, and others) all undetected
- Zero malicious detections across all 59 reporting engines
- No external-intelligence hits (CIRCL, MalwareBazaar, YARAify)
- Text-file format with benign filename; no adversarial indicators
- No heuristic triggers, no dropped children, no malicious host contact
This file is safe. No quarantine or removal is necessary. If you downloaded it from an untrusted source, verify the source's legitimacy, but our analysis shows no malware.
0 detections across 74 engines
How often this file shows up in the wild
Barely seen in the wild and first surfaced recently. This is the footprint of targeted malware the AV industry hasn't signatured yet — extra scrutiny is warranted.
Forensic fingerprint
- File name
- Rayan.gpc
- Size
- 64.9 KB
- MIME type
- application/octet-stream
- Detected type
- Text
- SHA-256
- 13d6476f7d33130a84865217e83aa5bdd3da26205c4230ad737e6a03bfdd2426
- MD5
- ad89fe02966e9a026c27d5a8ea95abfb
- SHA-1
- 02c4f0fa63084b3f7c01a28c9580d74491b49ca3
- First seen (VT)
- 6/22/2026, 3:59:13 AM
- Last analysis (VT)
- 6/22/2026, 3:59:13 AM
- First scan (MalwareTips)
- 6/22/2026, 4:00:25 AM
- Last scan (MalwareTips)
- 6/22/2026, 4:00:25 AM
Reviews & malware reports(0)
Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.