File 0f282fe03cddacd8676396f85b550205de4f032c1e8b664751c2800376d4fe91 Summary
Like

Analyse score

4 / 14

4 antivirus venders flagged
this file as malicious

Last scanned

First submission

File type

wsf

wsf

Basic properties

CRC32

0xcb1e75d6

MD5

b89d3436dd1225fe0a57d19e383b2824

Magic

HTML document, ASCII text, with very long lines, with CRLF line terminators

SHA1

5f5ae745a5e699f3632541484f8cc58e342d98bc

SHA256

0f282fe03cddacd8676396f85b550205de4f032c1e8b664751c2800376d4fe91

SHA512

b0ab11d8c09b65c695c12254657d6e6fb9ca0f442475dd9ff4c0963c6155ffb98c7d46c6e01ea3a7c8b78819da2584e562ad0a0c7c1316ca7a5a3d7f850d0150

SSDeep

192:C2juJFNlsnrKtzGfk2+dkSLy9aeSn6KgN1nRb67NXAF5:C20mrqV2HSLy9aeS6l167o

Size

7.02KB

Packer
  • Text: format: plain text[CRLF]
TrID
  • Warning: file seems to be plain text/ASCII
  • TrID is best suited to analyze binary files!
  • 100.0% (.HTML) HyperText Markup Language (3000/1/1)

ExifTool File Metadata

ExifToolVersionNumber

12.62

FileSize

7.2 kB

FileType

HTML

FileTypeExtension

html

MimeType

text/html

Submissions

Published Name Source Country
0f282fe03cddacd8676396f85b550205de4f032c1e8b664751c2800376d4fe91.hta web IT

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!