Analyse score
1 antivirus venders flagged
this file as malicious
Signature
Signed file, valid signature
Last scanned
First submission
File type
exe
1 antivirus venders flagged
this file as malicious
Signed file, valid signature
exe
CRC32 | 0x86b65623 |
---|---|
MD5 | 40483c4ac249b747060ac46cce13ab6f |
Magic | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1 | 0b82b980eea1e8d2be9e70e01fe1421aa38abc7d |
SHA256 | 1d0d0a6c3770c390744033232a8de0bf682716849ebc2866118c65c51cf5d4d9 |
SHA512 | d589e46cacb338a8624b07dc43dc88d3a4af736373e5023021b7c9cfc54dc957cb40850a800054800ca24aad856be49279a713b02134157ae57cf3b028fa01ff |
SSDeep | 98304:BUBtTfLX1LNmue0GQwiGPzWpXH7VfiDmsDXEc9bl4ziMvEZWj:BUfZL009wzzopfiDmsDx95ItEYj |
Size | 4.97MB |
Packer |
|
TrID |
|
Tags |
CharacterSet | Windows, Latin1 |
---|---|
CodeSize | 10.50KB |
CompanyName | AnyDesk Software GmbH |
EntryPoint | 0x1ce5 |
ExifToolVersionNumber | 12.64 |
FileDescription | AnyDesk |
FileFlags | (none) |
FileFlagsMask | 0x0000 |
FileOs | Unknown (0) |
FileSize | 5.2 MB |
FileSubtype | 0 |
Published | Name | Source | Country |
---|---|---|---|
AnyDesk (1).exe | web | undefined |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious
|
Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational
|
C2 | Behavior |
Deletes itself after process termination | suspicious
|
Stealth | Behavior |
Write a file to the startup folder | suspicious
|
Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious
|
Signature | Yara |
🚀 Coming soon!
🚀 Coming soon!