File 1e648acb0dd2bf811d923e7b3e648b8578e13e0671ccf96886261fe9424fe987 Summary
Like

Analyse score

8 / 14

8 antivirus venders flagged
this file as malicious

Last scanned

First submission

File type

zip

zip

Basic properties

CRC32

0x64478650

MD5

faab262ed82d6966bdf1118ef69e18ac

Magic

Zip archive data, at least v1.0 to extract

SHA1

44f7acc08747528d1bcafb3de03424e08a6d05f4

SHA256

1e648acb0dd2bf811d923e7b3e648b8578e13e0671ccf96886261fe9424fe987

SHA512

5de8859047f2f5542d91b86cbf647cb1c1c04086b21ecdad764f6fa45e55592b20c6562b96abb8a8b72075c3e4cb600722a4ce4d56a725fdca1e51010510f26a

SSDeep

48:Yd5v4xEySQXgywEyCl5eXxnXzjGfA/HH7Pb7v1kvdCisTLrnUVbmsX8Rtw+KI2Xb:YvC6ClWvVHbPvvmvdCisPrUVbl3jd6/k

Size

4.68KB

Packer
  • Binary: archive: Zip(1.0)[41.9%,9 files,3 dirs]
TrID
  • 58.3% (.MAFF) Mozilla Archive Format (gen) (7000/1/1)
  • 33.3% (.ZIP) ZIP compressed archive (4000/1)
  • 8.3% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Tags

ExifTool File Metadata

ExifToolVersionNumber

12.64

FileSize

4.8 kB

FileType

ZIP

FileTypeExtension

zip

MimeType

application/zip

Warning

[minor] Use the Duplicates option to extract tags for all 12 files

ZipBitFlag

0

ZipCompressedSize

0

ZipCompression

None

ZipCrc

0x00000000

ZipFileName

JS-BotNet-master/

ZipRequiredVersion

10

ZipUncompressedSize

0

Show all

Submissions

Published Name Source Country
Trojan.Javascript.Hivemind.a.zip web undefined

Indicators

Description Severity Category Module
Malware detection of a yara signature: Win32/WannaCry
malicious
Sandbox Detection Behavior
Communicates over HTTP with a low reputation domain
informational
C2 Behavior
Deletes itself after process termination
suspicious
Stealth Behavior
Write a file to the startup folder
suspicious
Persistence Behavior
Check for the existence of Virtual Machines
suspicious
Signature Yara

🚀 Coming soon!

Virtual Screens

🚀 Coming soon!