File 0337fb2878fb315691280923b0de3dcc32fdd1cf10071298d0bac439a958609b Summary
Like

Analyse score

0 / 14

No antivirus venders flagged
this file as malicious

Last scanned

First submission

File type

zip

zip

Basic properties

CRC32

0x3ef7a85f

MD5

edc305a417287907a96373101878aa33

Magic

Zip archive data, at least v2.0 to extract

SHA1

c5b3de22a77799feb3bd4f17c3c657848d873f7a

SHA256

0337fb2878fb315691280923b0de3dcc32fdd1cf10071298d0bac439a958609b

SHA512

ab18c9b8338250424685aee7f61c42e24e9213d8478d943ddc18d0e28197cb6f1c1175ff216379ddf83f8bcbc8979eb7b9f1d9a56a38f03583ce518b83704ccf

SSDeep

49152:3MLz5xwcBdXvCJUR1Kl5IYibOlva1QrPnW/IgHkX36:Q5xw2dUN5IYil1qPnEHaK

Size

1.64MB

Packer
  • Binary: archive: Zip(2.0)[1 file]
TrID
  • 80.0% (.ZIP) ZIP compressed archive (4000/1)
  • 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)

ExifTool File Metadata

ExifToolVersionNumber

12.62

FileSize

1719 kB

FileType

ZIP

FileTypeExtension

zip

MimeType

application/zip

Warning

Stream mode data encountered, file list may be incomplete

ZipBitFlag

0x0008

ZipCompressedSize

0

ZipCompression

Deflated

ZipCrc

0x00000000

ZipFileName

smbmon.exe.METADATA

ZipRequiredVersion

20

ZipUncompressedSize

0

Show all

Submissions

Published Name Source Country
ap-file-smbmon.exe--1584505828.zip web undefined

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!