Analyse score
5 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
5 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x4d5504b5 |
---|---|
MD5 | 39b2104a82474558e5ae42e9c0a371c1 |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | 4b2805df6533e44de6891eaeac24749852c370bb |
SHA256 | 406b001a1fe34628e6b76de07a30de32a87820ffd93778ea621804bc41072aaa |
SHA512 | eb59a20ce5df23b9db07dd6f52eea66faf4871edc2518aee63179fc7d86af65f50f7c5ebfb0dc47851ac34250b45a7110f077eb56ae00a23d34e2e40587a71e1 |
SSDeep | 384:AoSaKbH7Xy9khmQ9M+NTFE4e6Ol2FcsUlmeU41Q6AjZmGOi4Q61tton5:7jKKmhmQmK7uycQt41Q6k/4Q8Y5 |
Size | 55.50KB |
Packer |
|
TrID |
|
Tags |
CodeSize | 54.50KB |
---|---|
EntryPoint | 0x5718 |
ExifToolVersionNumber | 12.62 |
FileSize | 57 kB |
FileType | Win32 EXE |
FileTypeExtension | exe |
ImageFileCharacteristics | No relocs, Executable, No line numbers, No symbols, 32-bit |
ImageVersion | 0.0 |
InitializedDataSize | 0B |
LinkerVersion | 6.0 |
MachineType | Intel 386 or later, and compatibles |
Published | Name | Source | Country |
---|---|---|---|
406b001a1fe34628e6b76de07a30de32a87820ffd93778ea621804bc41072aaa | api | US |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!