Analyse score
No antivirus venders flagged
this file as malicious
No antivirus venders flagged
this file as malicious
CRC32 | 0xa43115b0 |
---|---|
MD5 | b696cdafc36bb19810b5260746db1665 |
Magic | PDF document, version 1.4 |
SHA1 | ada9c360c5f82e2c9148962cc2f8985b487a7095 |
SHA256 | 076026335e7bfcf4bd94c1989bcefe739290389b45292427146f875fe3e1bfab |
SHA512 | af14c2da6274725de982fa426721ba626b10dd9eb7fb265209a598d5fe477fd6652a769c6fdbe806bbf639ec02a86be7c29b66451a43c2749acd1bdc366566cd |
SSDeep | 3072:IEe84QsBOrif0EhE4JD0Hd4TZKVo66tWb5eS13S4UM:IEe84JOGCWYAC3SpM |
Size | 138.44KB |
Packer |
|
TrID |
|
Creator | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 |
---|---|
ExifToolVersionNumber | 12.64 |
FileSize | 142 kB |
FileType | |
FileTypeExtension | |
Linearized | No |
MimeType | application/pdf |
PageCount | 4 |
PdfVersion | 1.4 |
Producer | Skia/PDF m120 |
TaggedPdf | Yes |
Published | Name | Source | Country |
---|---|---|---|
Server.ir - فاکتور #TP0221697.pdf | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!