Analyse score
0
/ 14
No antivirus venders flagged
this file as malicious
File 0337fb2878fb315691280923b0de3dcc32fdd1cf10071298d0bac439a958609b Summary
Basic properties
| CRC32 | 0x3ef7a85f |
|---|---|
| MD5 | edc305a417287907a96373101878aa33 |
| Magic | Zip archive data, at least v2.0 to extract |
| SHA1 | c5b3de22a77799feb3bd4f17c3c657848d873f7a |
| SHA256 | 0337fb2878fb315691280923b0de3dcc32fdd1cf10071298d0bac439a958609b |
| SHA512 | ab18c9b8338250424685aee7f61c42e24e9213d8478d943ddc18d0e28197cb6f1c1175ff216379ddf83f8bcbc8979eb7b9f1d9a56a38f03583ce518b83704ccf |
| SSDeep | 49152:3MLz5xwcBdXvCJUR1Kl5IYibOlva1QrPnW/IgHkX36:Q5xw2dUN5IYil1qPnEHaK |
| Size | 1.64MB |
| Packer |
|
| TrID |
|
ExifTool File Metadata
| ExifToolVersionNumber | 12.62 |
|---|---|
| FileSize | 1719 kB |
| FileType | ZIP |
| FileTypeExtension | zip |
| MimeType | application/zip |
| Warning | Stream mode data encountered, file list may be incomplete |
| ZipBitFlag | 0x0008 |
| ZipCompressedSize | 0 |
| ZipCompression | Deflated |
| ZipCrc | 0x00000000 |
| ZipFileName | smbmon.exe.METADATA |
Submissions
| Published | Name | Source | Country |
|---|---|---|---|
| ap-file-smbmon.exe--1584505828.zip | web | undefined |
Indicators
| Description | Severity | Category | Module |
|---|---|---|---|
| Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
| Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
| Deletes itself after process termination | suspicious
|
Stealth | Behavior |
| Write a file to the startup folder | suspicious
|
Persistence | Behavior |
| Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
Virtual Screens
🚀 Coming soon!