File 1d0d0a6c3770c390744033232a8de0bf682716849ebc2866118c65c51cf5d4d9 Summary
Like

Analyse score

1 / 14

1 antivirus venders flagged
this file as malicious

Signature

Signed file, valid signature

Last scanned

First submission

File type

exe

exe

Basic properties

CRC32

0x86b65623

MD5

40483c4ac249b747060ac46cce13ab6f

Magic

PE32 executable (GUI) Intel 80386, for MS Windows

SHA1

0b82b980eea1e8d2be9e70e01fe1421aa38abc7d

SHA256

1d0d0a6c3770c390744033232a8de0bf682716849ebc2866118c65c51cf5d4d9

SHA512

d589e46cacb338a8624b07dc43dc88d3a4af736373e5023021b7c9cfc54dc957cb40850a800054800ca24aad856be49279a713b02134157ae57cf3b028fa01ff

SSDeep

98304:BUBtTfLX1LNmue0GQwiGPzWpXH7VfiDmsDXEc9bl4ziMvEZWj:BUfZL009wzzopfiDmsDx95ItEYj

Size

4.97MB

Packer
  • PE: compiler: Microsoft Visual C/C++(2010 SP1)[-]
  • PE: linker: Microsoft Linker(10.0)[EXE32,signed]
TrID
  • 45.5% (.EXE) Win64 Executable (generic) (10523/12/4)
  • 19.4% (.EXE) Win32 Executable (generic) (4505/5/1)
  • 8.9% (.ICL) Windows Icons Library (generic) (2059/9)
  • 8.7% (.EXE) OS/2 Executable (generic) (2029/13)
  • 8.6% (.EXE) Generic Win/DOS Executable (2002/3)
Tags

ExifTool File Metadata

CharacterSet

Windows, Latin1

CodeSize

10.50KB

CompanyName

AnyDesk Software GmbH

EntryPoint

0x1ce5

ExifToolVersionNumber

12.64

FileDescription

AnyDesk

FileFlags

(none)

FileFlagsMask

0x0000

FileOs

Unknown (0)

FileSize

5.2 MB

FileSubtype

0

FileType

Win32 EXE

FileTypeExtension

exe

FileVersion

8.0.7

FileVersionNumber

8.0.7.0

ImageFileCharacteristics

Executable, Large address aware, 32-bit

ImageVersion

0.0

InitializedDataSize

4.94MB

LanguageCode

English (U.S.)

LegalCopyright

(C) 2022 AnyDesk Software GmbH

LinkerVersion

10.0

MachineType

Intel 386 or later, and compatibles

MimeType

application/octet-stream

ObjectFileType

Executable application

OsVersion

5.1

PeType

PE32

ProductName

AnyDesk

ProductVersion

8.0

ProductVersionNumber

0.0.0.0

Subsystem

Windows GUI

SubsystemVersion

5.1

UninitializedDataSize

19082752

Show all

Submissions

Published Name Source Country
AnyDesk (1).exe web undefined

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!