File 0f7325f4221cf7e0e6edb6e6e2460eec8bc41a6ea714ab64788ca9dd87e62265 Summary
Like

Analyse score

0 / 14

No antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0xf7781490

MD5

423d24fe678eccb0c1354b9d55a1e076

Magic

PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

SHA1

fbc1edfacf5ffca5559373670a91d6909549dfd8

SHA256

0f7325f4221cf7e0e6edb6e6e2460eec8bc41a6ea714ab64788ca9dd87e62265

SHA512

c9e3b42aa8d330fd5f36847f978c0577b62e4fd92d19f6215186cb64a855985b02e245829c4cfa3cab7d1ad1cdb8aa24dffe69eb70b1c2efeaeb2d56c1ab3235

SSDeep

24576:0uwwnbIV/TYlqsBBw/33ZliGuPZyTcUjdLWmC06jy1dyZGvBItTD:0TwbIRYssPw/nr2PZyLdC46edM

Size

1.49MB

Packer
  • PE: library: .NET(v4.0.30319)[-]
  • PE: compiler: VB.NET(-)[-]
  • PE: linker: Microsoft Linker(80.0)[EXE32,admin]
TrID
  • 30.2% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 18.9% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
  • 14.5% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 12.9% (.EXE) Win32 Executable (generic) (4505/5/1)
  • 5.9% (.ICL) Windows Icons Library (generic) (2059/9)
Tags

ExifTool File Metadata

CodeSize

1.43MB

EntryPoint

0x17098e

ExifToolVersionNumber

12.62

FileSize

1562 kB

FileType

Win32 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, Large address aware, 32-bit

ImageVersion

0.0

InitializedDataSize

58.00KB

LinkerVersion

80.0

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

OsVersion

4.0

PeType

PE32

Subsystem

Windows GUI

SubsystemVersion

6.0

UninitializedDataSize

0

Show all

Submissions

Published Name Source Country
SRV.exe web SK

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!