Analyse score
7 antivirus venders flagged
this file as malicious
Signature
File is not signed
Last scanned
First submission
File type
exe
7 antivirus venders flagged
this file as malicious
File is not signed
exe
CRC32 | 0x5649e7e2 |
---|---|
MD5 | 4a45f12939a278552f5569673f0e9173 |
Magic | PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows |
SHA1 | 7b69f4a62b07e58227168fe1f5e8690e82d1b01f |
SHA256 | 1558c7315705e8ad59f95a4f43816c1a1d9c492854876197c72952521c25af4b |
SHA512 | 3d4174077a139de082a97a406f82bfad4dd13c09d51d007233f3f85acbd181a9012f61c495d85271461a5bc0920b918d2ea1ec03e3492ddee60aaeb73b47f376 |
SSDeep | 96:knrRUddnBbftsMafHH7u+3SHvHR4rAp/VzNt:krqdnlFsMafHbu5fR4r0v |
Size | 6.00KB |
Packer |
|
TrID |
|
Tags |
AssemblyVersion | 1.0.0.0 |
---|---|
CharacterSet | Unicode |
CodeSize | 3.50KB |
Comments |
|
CompanyName |
|
EntryPoint | 0x2c8e |
ExifToolVersionNumber | 12.49 |
FileDescription | Lime |
FileFlags | (none) |
FileFlagsMask | 0x003f |
FileOs | Win32 |
Published | Name | Source | Country |
---|---|---|---|
Lime.exe | web | FR |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!