File 12536f11c7292045e029418b1624ea46ce7f144a1947d13a8b90816714d18d81 Summary
Like

Analyse score

2 / 14

2 antivirus venders flagged
this file as malicious

Signature

File is not signed

Last scanned

First submission

Basic properties

CRC32

0x6cd359b0

MD5

860325622e9010326f6688e5014a60f5

Magic

PE32 executable (console) Intel 80386, for MS Windows

SHA1

ceb313603908891f9036a8bac07544e4a325efc2

SHA256

12536f11c7292045e029418b1624ea46ce7f144a1947d13a8b90816714d18d81

SHA512

9ba9a1d07828ca5a07a6d0a413848d7ff89e5b6d4cca9dbafb28370a7fc1218c238116765b01539a4aef4912e358ab5e489c070f981de10ab01848a9f7ca5bd2

SSDeep

6144:SH6wGMKoumGbEdhl3VlQVABbYrWwWP9puRr74pdcqAOtmYm:GxNwedhrlKABbvDuRrsRyYm

Size

251.50KB

Packer
  • PE: compiler: Microsoft Visual C/C++(-)[-]
  • PE: linker: Microsoft Linker(14.28**)[EXE32,console]
TrID
  • 32.1% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 20.1% (.DLL) Win32 Dynamic Link Library (generic) (6578/25/2)
  • 15.4% (.EXE) Win16 NE executable (generic) (5038/12/1)
  • 13.7% (.EXE) Win32 Executable (generic) (4505/5/1)
  • 6.2% (.EXE) OS/2 Executable (generic) (2029/13)
Tags

ExifTool File Metadata

CodeSize

173.00KB

EntryPoint

0xfb92

ExifToolVersionNumber

12.62

FileSize

258 kB

FileType

Win32 EXE

FileTypeExtension

exe

ImageFileCharacteristics

Executable, 32-bit

ImageVersion

0.0

InitializedDataSize

82.00KB

LinkerVersion

14.28

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

OsVersion

6.0

PeType

PE32

Subsystem

Windows command line

SubsystemVersion

6.0

UninitializedDataSize

0

Show all

Submissions

Published Name Source Country
CALL OF DUTY CHECKER.exe web PH

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!