Analyse score
8 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
8 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x7868784e |
---|---|
MD5 | 64bdf513659ed4689b12609c536124bf |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | 213ef403675c1ae7b3cb75f228d5d187d2aa49d2 |
SHA256 | 2ab0b1bc9caec9ffb7ce4a6f3c25616fcf0b23d5bf1936ce61dba41ada5137ee |
SHA512 | d3ec0dbd345e874f5ecbabf350dffd13c6ec91b0b027e96bd86adb3bb6063f64633be8cda245c2602ba74c28cf135b54f64943372b4efacc47c48d193e10036a |
SSDeep | 12288:9MWgti3uE3XjGehrU+dXjhSl+mhSx9yiJODCWQwilKZUF50+ujV/iDf8cLI:2WxD7w+dXjcl+8W9vtdvlD/l2HcLI |
Size | 804.50KB |
Packer |
|
TrID |
|
Tags |
CodeSize | 102.50KB |
---|---|
EntryPoint | 0x11772 |
ExifToolVersionNumber | 12.64 |
FileSize | 824 kB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | Executable, 32-bit |
ImageVersion | 5.1 |
InitializedDataSize | 710.50KB |
LinkerVersion | 11.0 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
VirusShare_64bdf513659ed4689b12609c536124bf | api | CN |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!